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During  the  boom  years  of  IT  spending, 
both  Cisco  in  networking  and  EMC  in 
storage  were  able  to  charge  premium 
prices  for  their  hardware.  Cisco  still  can, 
users  and  analysts  say.  But  EMC  has  had  to  change  its  ways. 
Reporters  Matt  Hamblen  and  Lucas  Mearian  asked  IT  managers 
why  they’re  willing  to  pay  more  for  Cisco’s  routers  and  switches 
;!  but  no  longer 

1  want  to  do  the 

same  for  EMC’s 
disk  arrays,  our 
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ON  PAGE  6. 
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IT  SPENDING 


Internet  Technology  Raws 
Raise  Fears  of  DoS  Attacks 


Holes  found  in  core 
Transmission  Control 
Protocol,  Cisco’s  IOS 

BY  JAIKUMAR  VIJAYAN 

The  disclosure  last  week  of 
two  serious  flaws  in  widely 
used  Internet  technologies 
raised  concerns  among  some 
security  experts  that  denial- 
of-service  attacks  could  be 


launched  against  core  routers 
and  switches. 

But  there’s  little  reason  for 
alarm,  others  maintained. 

One  of  the  vulnerabilities 
involves  Cisco  Systems  Inc.’s 
implementation  of  the  Simple 
Network  Management  Proto¬ 
col  in  its  Internetworking 
Operating  System.  The  flaw 
could  allow  remote  attackers 
Internet  Flaws,  page  45 


CA’s  Gains  Will  Survive 


CEO’s  Ouster,  Users  Say 


They’re  optimistic  that  progress  in  customer 
relations  begun  under  Kumar  will  continue 


BY  STACY  COWLEY 
AND  DON  TENNANT 

Computer  Associates  Inter¬ 
national  Inc.’s  management 
shake-up  is  unlikely  to  directly 
affect  customers  or  dramatical¬ 
ly  change  the  company’s  prod¬ 
uct  plans  and  strategy,  users 
and  analysts  said  last  week  in 
the  wake  of  Sanjay  Kumar’s 


McNealyLays 
Out  a  Plan  for 
Profits  at  Sun 

Tells  partners  changes 
are  in  store  —  but  not 
for  basic  technologies 

BY  PATRICK  THIBODEAU 

SAN  DIEGO 

If  you’re  a  Sun  Microsystems 
user,  expect  some  changes. 
Your  servers  may  come  free  as 
part  of  a  software  and  services 
package.  Subscription  pricing 
plans,  including  one  for  So¬ 
laris,  will  expand.  And  there 
will  be  a  growing  emphasis  on 
utility  pricing  models. 

At  least  that’s  the  vision  Sun 
CEO  Scott  McNealy  described 
at  the  iForce  partner  confer¬ 
ence  here  last  week.  Despite 

Sun’s  Plan,  page  45 

REAUTY  CHECK 

ONLINE:  No  timetable  set  for 
Sun-Microsoft  interoperability: 

O  QuickLink  46418 
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ouster  as  chairman  and  CEO. 

Still,  the  company  is  under 
the  watchful  eye  of  its  cus¬ 
tomers.  Sherry  Irwin,  chair¬ 
man  of  the  Canadian  Software 
Asset  Management  Users’ 
Group  in  Toronto,  ex¬ 
pressed  concern  that 
Kumar’s  departure 
from  the  helm  could 
jeopardize  the  im¬ 
provements  he  made 
in  customer  relations 
after  he  became  CEO 
in  2000.  Users  should  be  wary 
of  any  changes  CA  may  try  to 
make  as  a  result  of  the  shake- 
up,  she  said. 

According  to  Mark  Barrene- 
chea,  CA’s  senior  vice  presi¬ 
dent  of  product  development, 
Kumar  will  remain  at  the  fore¬ 


front  of  building  customer  sat¬ 
isfaction  in  the  newly  created 
position  of  chief  software  ar¬ 
chitect.  Asked  why  users 
shouldn’t  be  concerned  that 
CA  might  slide  back  into  its 
old  ways  with  Kumar  out  of 
the  CEO’s  office,  Barrenechea 
stressed  that  Kumar’s  pres¬ 
ence  will  continue  to  be  felt. 

“Sanjay  is  a  bril¬ 
liant,  innovative,  mo¬ 
tivating  individual,” 
Barrenechea  said.  “It’s 
very  much  the  Micro¬ 
soft  model  of  freeing 
up  our  best  talent  to 
focus  on  adding  value 
back  to  customers.”  Address¬ 
ing  the  current  mood  at  CA, 
Barrenechea  said  he’s  inclined 
to  emphasize  the  positive.  “If 
I  can  get  Sanjay’s  time  every 
day  to  help  me  build  product, 
it’s  a  good  day,”  he  said. 

CA’s  Future,  page  15 


oreca: 

For  Open-Source 


Weather.com’s 
dramatic  shift 
away  from  pro¬ 
prietary  software 
and  hardware 
has  cut  IT  costs 
by  one-third. 
PAGE 19 


CA,  IBM  execs  trade 
barbs.  PAGE  15 


It’s  a  case  of  the  sins 
of  CA’s  father,  says 
Maryfran  Johnson. 
PAGE  16 


'  *  ' 


• '  A 

tgpff&l 


t  thjunc 

wdX  (Xjt&eLfts>  i 

m  -**  etxu- 


'  «■  f^ek^u 

”^J  business 
cuvuni? 


atchi ng  the  surface. 


KNOW 


H  ,. 


my  name 


wvvw .  i  mage  runner 


The  right  management  can  put  you  in  control  of  your  infrastructure, 
not  the  other  way  around. 


Unicenter®  infrastructure  Management  Software 


So  long,  mayhem.  Managing  on-demand  computing  is  here.  Unicenter  infrastructure  management  software  lets  you  take  control 
of  your  infrastructure  so  you  can  be  more  responsive  to  business.  With  automation  and  self-healing  capabilities  Unicenter  can 
help  control  costs  and  empower  you  to  do  more  with  less.  Unicenter  also  lets  your  infrastructure  react  to  changes  in  real  time, 
so  your  IT  and  business  priorities  are  always  in  sync.  Finally,  it  is  based  upon  a  service-oriented  architecture  that  simplifies 
your  IT  environment,  so  your  infrastructure  is  easier  to  manage.  To  learn  how  to  get  more  value  out  of  your  infrastructure, 
or  to  get  a  white  paper,  go  to  ca.com/infrastructure. 
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Optical  Storage  Sings  the  Blues 

In  the  Technology  section:  Emerging  optical 
storage  technologies  based  on  blue  lasers 
are  making  archiving  easier  by  dramatically 
increasing  disc  storage  capacities.  Page  22 
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Reining  in  Maverick  Buyers 

In  the  Management  section:  Have  a  hard  time 
telling  who’s  spending  what  and  where?  Spend 
management  software  and  services  can  help 
you  establish  centralized  control  over  compa¬ 
ny  expenditures  and  yield  big  savings.  Page  31 
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A  kinder,  gentler  EMC  lowers 
its  hardware  prices  to  stay 
competitive  in  the  storage 
market. 

isco's  dominance  of  the 
networking  market  allows  it 
to  charge  higher  prices,  but 
it’s  a  fair  trade-off,  users  say. 

Q&A:  Execs  from  EMC  and 
Cisco  talk  about  their  com¬ 
panies’  pricing  policies. 

PACKAGE  BEGINS  ON  PAGE  6. 

12  Hewlett-Packard  considers 

enabling  users  to  convert 
HP  9000  hardware  into  e3000 
systems  that  run  MPE. 

12  IBM  channels  WebSphere 
improvements  into  service- 
oriented  architectures. 

14  Business  process  outsourc¬ 
ing  pioneers  encounter  per¬ 
sonnel  and  contract  hurdles. 

14  Oracle  log’s  automation  and 
self-tuning  features  make  it 
easier  to  manage  than  the  pre¬ 
vious  version  of  the  database, 
users  say. 

15  IBM  vs.  Computer  Associates: 
Steve  Mills  tells  why  IBM  can 
lure  CA  customers  with  or 
without  the  government’s 
help,  while  CA’s  Mark  Barren- 
echea  addresses  his  rebuttal 
to  the  “VP  of  afterthought.” 


19  Field  Report:  A  Sunny 
Forecast  for  Open-Source. 

Weather.com  is  migrating 
from  commercial  software  to 
open-source  alternatives  — 
and  the  savings  are  already 
rolling  in. 

26  Future  Watch:  Programming 
Matter.  Techniques  for  sub¬ 
atomic  programming  will 
arrive  slowly,  but  their  first 
impact  will  be  felt  in  infor¬ 
mation  systems. 

28  Security  Manager’s  Journal: 
Failure  to  Communicate 
Dooms  IDS  Alert  Process. 

An  early  warning  is  ignored, 
and  as  a  result,  SQL  Slammer 
worms  its  way  into  Mathias 
Thurman’s  network. 

MANAGEMENT 

33  Choosing  the  Best  Side  Roads. 

CIOs  disclose  where  and  how 
IT  professionals  with  execu¬ 
tive  aspirations  can  acquire  the 
company  and  business  knowl¬ 
edge  they  need  to  succeed. 

34  Q&A:  Introverted  Technolo¬ 
gists.  Author  and  consultant 
Naomi  Karten  has  advice  for 
introverts  who  want  their  IT 
careers  to  prosper  in  an  extro¬ 
verted  business  world.  The 
first  step,  she  says,  is  to  view 
introversion  as  a  positive  trait, 
not  an  affliction. 

36  Career  Watch.  Lockheed 
Martin  CIO  Joseph  Cleveland 
answers  readers’  career  ques¬ 
tions.  Plus,  get  skills  advice 
from  CIOs  and  an  update  on 
open-source  careers. 


10  On  the  Mark:  Mark  Hall  tells 
you  how  to  avoid  jail  time  when 
the  wrong  people  download 
your  software  from  the  Net. 

16  Maryfran  Johnson  wonders 
whether  ongoing  federal  in¬ 
vestigations  and  increased 
competitive  pressure  will 
change  IT  users’  loyalty  to  a 
post-Sanjay  CA. 

16  Pimm  Fox  sees  an  important 
role  for  the  IT  industry  in 
Iraq:  building  morale  and 
keeping  troops  connected  to 
the  folks  back  home. 

17  Michael  Gartenberg  thinks 
the  delay  of  the  Longhorn 
Windows  client  to  2006  can 
work  to  your  advantage. 

29  Curt  A.  Monash  says  antispam 
systems  may  not  be  perfect, 
but  they’re  among  the  best 
attaboy-producing  purchases 
you  can  make. 

37  Sue  Young  has  advice  on 
clearing  your  mind  of  the 
stress  that  keeps  you  from 
making  good  decisions. 

46  Frankly  Speaking:  Frank 
Hayes  writes  that  the  TCP 
security  hole  is  the  kind  of 
problem  you  can  throw  mon¬ 
ey  at  —  and  at  least  you’ll 
know  how  much  it  will  take. 
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Slow  Down  the 
Security  Patch  Cycle 

SECURITY:  The  patch  distribution  process 
needs  to  be  re-examined,  writes  consultant 
Bill  Addington.  He  proposes  slowing  down, 
not  speeding  up,  patch  releases  to  defeat  re¬ 
verse-engineering  tactics.  ©  QuickLink  46069 

The  Best  Ways  to  Verify 
Customer  Identity 

PRIVACY:  Consumers  should  supply  more 
authentication  information  as  they  access 
increasingly  sensitive  accounts,  columnist 
Jay  Cline  recommends.  Such  an  approach 
protects  data  while  not  scaring  people  away 
from  routine  transactions.  ©  QuickLink  46340 


Quality  Management 
For  Web  Services 

DEVELOPMENT:  How  to  use  knowledge  shar¬ 
ing  and  technology  reuse  to  develop  success¬ 
ful  Web  services.  ©  QuickLink  46283 


Is  Sarbanes-Oxley  All  Bad? 

IT  MANAGEMENT:  The  law  is  making  compli¬ 
ance  management  visible  at  the  highest  orga¬ 
nizational  levels,  says  Axentis  Chairman 
Steven  Lindseth.  ©  QuickLink  46202 

LifelonaLearning  Is  Crucial 
To  U.S. Economic  Growth 

CAREERS:  Outplacement  pioneer  John  A. 
Challenger  shares  some  ideas  on  training 
tomorrow’s  workforce.  O  QuickLink  46195 
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EMC  Lowers  Prices, 
Reins  In  Sales  Force 

Stiffer  competition  forces  vendor  to  change  its  approach 


IT  SPENDING 


BY  LUCAS  MEARIAN 

Talk  to  any  number  of 
EMC  Corp.  customers 
and  they  will  relate  sto¬ 
ries  of  a  time  not  so  long  ago 
when  the  storage  vendor’s 
salespeople  would  walk  into 
their  office,  write  a 
price  for  a  disk 
array  or  software 
package  on  a  piece 
of  paper  and  say, 
“Take  it  or  leave  it.” 

But  those  days  are  gone, 
said  most  of  the  10  EMC  users 
interviewed  by  Computer- 
world  this  month. 

EMC’s  once  arrogant  and 
unbending  sales  force  is 
quickly  changing  into  one  that 
will  bargain  with  customers 
and  even  undercut  major  com¬ 


petitors  such  as  IBM,  Hewlett- 
Packard  Co.  and  Hitachi  Data 
Systems  Corp.,  the  users  said. 

“Today,  if  you  get  a  better 
deal  with  IBM,  HP  or  Hitachi, 
EMC  will  come  back  and  say, 
‘Give  us  another  shot,’  ”  said 
Lev  Gonick,  CIO  at  Case 
Western  Reserve  University  in 
Cleveland.  The  school  recent¬ 
ly  added  5TB  to  its  installation 
of  EMC’s  Clariion  midrange 
disk  arrays,  giving  it  a  total 
storage  capacity  of  35TB. 

Darko  Dejanovic,  chief  tech¬ 
nology  officer  at  Chicago- 
based  Tribune  Co.  and  its  Tri¬ 
bune  Publishing  Co.  subsid¬ 
iary,  said  that  when  he  first 
met  with  EMC  early  last  year 
to  negotiate  a  purchase  of  sev¬ 
eral  Clariion  arrays,  the  stor¬ 


age  vendor’s  salespeople  were 
extremely  unpleasant  to  deal 
with.  But  EMC  went  to  great 
lengths  on  pricing  to  win  the 
order  from  Tribune,  which 


Cisco’s  Prices  Seen 
As  a  Fair  Trade-off 


Network  managers  shrug  off  premiums 


BY  MATT  HAMBLEN 

Twenty  years  after  it 
was  founded,  Cisco  Sys¬ 
tems  Inc.  so  overwhelm¬ 
ingly  dominates  the  network¬ 
ing  equipment  market  that 
many  network  managers  say 
they  don’t  balk  about  the  need 
to  pay  premium  prices  for 
most  of  its  products. 

The  upfront  cost  of  Cisco’s 
switches  and  routers  is  often 
higher  than  the  price  of  rival 
devices,  according  to  inter¬ 
views  with  15  Cisco  users. 
Some  of  the  users  said  the 
pricing  premium  charged  by 
Cisco  can  total  15%  or  more, 
and  analysts  cited  even  larger 
cost  differences.  But  most  of 
the  users  put  Cisco  in  the  leg¬ 


endary  category  of  1970s  IBM 
—  a  safe  choice  that  won’t  get 
anyone  in  IT  fired. 

Cisco  also  got  high  marks 
for  the  reliability  of  its  prod¬ 
ucts  and  the  strength  of  its 
customer  service.  As  a  result 
of  the  widespread  perception 
that  Cisco  is  more  expensive, 
the  users  said  they 
do  try  to  keep  an 
eye  out  for  price 
discounts  and  in¬ 
novative  technolo¬ 
gy  from  Cisco’s 
competitors.  Still, 
they  added  that 
they  often  end  up 
sticking  with  Cis¬ 
co  anyway. 

For  example, 

Cardinal  Glass 
Industries  Inc.  in 


63 


Cisco’s  share 
of  the  switch 
market  in  2003 


s  share  of  the 
outer  market 


Eden  Prairie,  Minn.,  has  pur¬ 
chased  mostly  Cisco  network¬ 
ing  products  for  the  past  four 
years.  Brian  Moss,  a  senior 
systems  engineer  at  the  glass 
maker,  estimated  that  it  pays  a 
15%  premium  on  average  for 
the  devices,  compared  with 
those  from  vendors  such  as 
Hewlett-Packard  Co.  and 
3Com  Corp.  But  the  extra 
costs  have  been  money  well 
spent,  he  said. 

“We’ve  tried  other  vendors 
and  just  weren’t  happy  with 
support,”  Moss  said.  In  con¬ 
trast,  he  added,  Cisco’s  sup¬ 
port  workers  “answer  our 

calls,  they  know 
the  answers  to  our 
questions,  and  it’s 
a  good  OS  and  a 
familiar  product.” 

“A  Cisco  net¬ 
work  is  a  rock- 
solid  network, 
and  if  we  weren’t 
able  to  build 
[ours]  with  Cisco 
hardware,  I  don’t 
think  I’d  feel  all 
P  that  comfortable,” 


www.computerworld.com 


wasn’t  an  existing  customer. 

“Hitachi  squeezed  them  re¬ 
ally  bad,”  Dejanovic  said.  “We 
almost  went  with  Hitachi  stor¬ 
age.  The  reason  we  went  with 
EMC  is  that  they  gave  us  some 
good  discounts  on  their  boxes. 
We  were  kind  of  virgin  territo¬ 
ry  for  them.” 

Dejanovic  added  that  by  the 
time  he  met  with  EMC  again 
in  December  to  buy  three 
more  Clariion  arrays,  its  sales¬ 
people  had  progressed  in  atti¬ 
tude  from  a  “zero”  to  a  70  out 
of  100  on  his  satisfaction  scale. 

With  storage  hardware  be¬ 
coming  more  of  a  commodity 
and  EMC  no  longer  the  clear 
leader  in  the  disk  array  market 
from  either  a  technology  or 
sales  standpoint,  CEO  Joe 
Tucci  acknowledged  that  his 
company  had  no  alternative 
but  to  become  more  competi¬ 
tive  on  pricing.  Tucci  also  said 
he  has  “trimmed  some  of  the 
extreme  edges”  off  of  EMC’s 
sales  force  by  firing  workers 
who  didn’t  get  the  message 
that  they  were  expected  to  be 
less  haughty  with  users  (see 
interview,  page  8). 


said  David  Roessler,  director 
of  information  services  at 
Quay  Corp.,  a  company  in 
Eatontown,  N.J.,  that  makes 
printed  circuit  boards  for  elec¬ 
tronics  manufacturers. 

Other  vendors  might  offer 
technology  that’s  similar  to 
what  Cisco  sells,  Roessler 
said.  But  he  added  that  he 
doubts  they  would  be  able  to 
match  its  technical  support 
prowess,  such  as  its  ability  to 
provide  software  patches  and 
fixes  quickly  and  reliably. 

Cisco  accounted  for  nearly 
two-thirds  of  the  $22.3  billion 
worth  of  switches  and  routers 
sold  globally  last  year,  accord¬ 
ing  to  Framingham,  Mass.- 
based  IDC.  Its  share  of  those 
two  markets  was  virtually  un¬ 
changed  from  2002,  the  re¬ 
search  company  said. 

IDC  tracks  at  least  20  ven¬ 
dors  in  the  switching  market, 
and  Gartner  Inc.  analyst  Mark 
Fabbi  said  there  are  plenty  of 
viable  alternatives  to  Cisco. 
Fabbi  urged  users  to  avoid  up¬ 
grades  of  Cisco  installations 
without  bothering  to  seek  bids 
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HMM  We  almost  went  with 
17  Hitachi  storage.  The 
reason  we  went  with  EMC  is 
that  they  gave  us  some  good 
discounts  on  their  boxes. 

DARKO  DEJANOVIC,  CHIEF  TECHNOLOGY  OFFICER,  TRIBUNE  CO. 

AND  TRIBUNE  PUBLISHING 


However,  some  users  and 
analysts  said  EMC’s  acts  of 
pricing  contrition  sometimes 
are  less  than  meets  the  eye. 
EMC  now  uses  lower  hard¬ 
ware  prices  to  win  new  cus¬ 
tomers  or  buy  its  way  back 
into  accounts,  then  tries  to 
make  the  discounts  back  on 
software  and  services,  said 
Gary  Pilafas,  a  senior  storage 
and  systems  architect  at  UAL 
Loyalty  Services  Inc.,  an  Ar¬ 
lington  Heights,  Ill-based  unit 
of  United  Air  Lines  Inc. 

“It’s  still  theirs  to  do,”  Pila¬ 
fas  said,  referring  to  the  fee- 
based  services  that  EMC  of¬ 
fers  for  tasks  such 
as  configuring  its 
Symmetrix  Re¬ 
mote  Data  Facili¬ 
ty  software  and 
other  storage 
management  ap¬ 
plications  instead 
of  training  users 
to  do  the  work 
themselves. 

On  average, 

EMC  still  isn’t  the 
lowest-cost  disk 
array  vendor,  said 


Gartner  Inc.  analyst  Stanley 
Zaffos  (see  pricing  chart,  page 
6).  He  also  noted  that  EMC 
has  convinced  users  to  pay 
more  per  gigabyte  for  the 
high-end  Symmetrix  DMX  ar¬ 
rays  it  introduced  last  year 
than  it  was  getting  for  older 
models  —  a  pricing  uptick 
that  rival  vendors  have  emu¬ 
lated. 

Falling  Hardware  Sales 

But  Nick  Allen,  another  Gart¬ 
ner  analyst,  said  EMC  has  be¬ 
come  increasingly  competitive 
on  the  hardware  side  over  the 
past  18  months. 

The  company’s 
hardware  sales  and 
market  share  have 
fallen  along  with 
its  prices,  accord¬ 
ing  to  Framing¬ 
ham,  Mass.-based 
IDC.  EMC  sold 
$2.5  billion  worth 
of  disk  storage  sys¬ 
tems  last  year,  less 
than  half  of  the 
$5.6  billion  level  it 
reached  in  2000, 
IDC  said,  adding 


that  it  dropped  behind  HP  in 
sales  during  2003. 

But  thanks  to  its  recent  ac¬ 
quisitions  of  three  major  soft¬ 
ware  vendors,  EMC  can  now 
turn  to  an  expanded  software 
business  and  growing  services 
revenue  to  supplement  the 
hardware  side.  Earlier  this 
month,  EMC  reported  first- 
quarter  revenue  of  $1.87  bil¬ 
lion,  up  35%  from  $1.38  billion 
a  year  earlier.  Hardware  ac¬ 
counted  for  just  48%  of  total 
revenue,  EMC  said.  Software 
and  services  contributed  26% 
and  25%,  respectively. 

Mark  Detert,  director  of  data 
center  and  automation  opera¬ 
tions  at  Visa  U.S.A.  Inc.’s  debit¬ 
processing  services  unit  in  En¬ 


glewood,  Colo.,  said  EMC  is 
finally  in  the  game  of  selling 
full  solutions  combining  hard¬ 
ware,  software  and  services  in¬ 
stead  of  just  “trying  to  push 
the  Symmetrix  like  they  have 
for  the  past  10  years.” 

Allen  said  users  normally 
must  wield  a  big  club  in  order 
to  soften  up  EMC’s  salespeo¬ 
ple  on  services  costs.  “They’ll 
give  in  on  hardware  and  soft¬ 
ware  but  not  give  in  on  all 
three  unless  they’re  really 
hungry,”  he  said. 

That  means  an  IT  manager 
has  to  make  a  large  purchase, 
work  at  a  company  that  has 
strategic  value  to  EMC  or  be 
good  at  negotiating  to  get  the 
best  possible  deal.  For  exam¬ 


ple,  it  helps  to  be  serious 
about  turning  to  another  ven¬ 
dor  if  EMC  won’t  come  down 
enough  on  price,  Zaffos  said. 
“If  the  [EMC]  account  team 
recognizes  that  you  want  them 
and  that  it’s  not  really  an  hon¬ 
est  competition,  that  will  im¬ 
pact  the  bid  price,”  he  added. 

Even  so,  EMC  has  changed 
for  the  better,  said  David  Kad- 
ow,  director  of  systems  admin¬ 
istration  and  infrastructure  at 
CDC  IXIS  Capital  Markets 
North  America  Inc.  in  New 
York.  Kadow,  who  has  been  an 
EMC  user  for  five  years,  said 
the  increased  competition  has 
transformed  its  sales  staff 
from  pugnacious  to  polite. 

“They’ve  stepped  up  in  the 
past  two  or  three  years  and 
made  many  changes,”  Kadow 
said.  “At  this  point,  I  feel  like 
we  have  a  partnership  with 
them.”  O  46375 


SOFTWARE  TO  THE  RESCUE? 

Integrated  life-cycle  management  has 
become  EMC's  new  mantra  -  and  its 
biggest  technology  challenge: 
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EMC’s  disk  storage 
market  share  in 
2000.  Ranking:  No.  1. 


Its  market  share 
last  year.  Ranking: 
No,  2,  behind  HP. 

SOURCE:  IDC,  FRAMINGHAM.  MASS. 


from  competing  vendors. 
Nonetheless,  he  referred  to 
the  switching  market  as  “Cis¬ 
co  and  the  seven  dwarves.” 

Fabbi  said  Gartner’s  analysis 
of  switch  revenue  and  port- 
shipment  data  shows  that  Cis¬ 
co’s  average  selling  prices 
were  more  than  50%  higher 
per  port  than  those  of  key  ri¬ 
vals  during  the  second  half  of 
2002  and  all  of  last  year. 

And  the  pricing  gap  has 
been  widening,  despite  reduc¬ 
tions  in  Cisco’s  prices,  Fabbi 
said.  Cisco  believes  it  “can  get 
away  with  charging  more  for 
the  majority  of  cases  because 
most  enterprises  will  buy  Cis¬ 
co  products  by  default,”  Fabbi 
and  fellow  analyst  Bob  Hafner 
wrote  in  a  presentation  pre¬ 
pared  for  Gartner’s  spring 
Symposium/ITxpo  2004  con¬ 
ference  last  month. 

Many  users  buy  Cisco  prod¬ 
ucts  no  questions  asked  when 
they  could  get  the  company  to 
lower  its  prices  just  by  open¬ 
ing  up  an  equipment  purchase 
to  competitive  bidding,  said 
Zeus  Kerravala,  an  analyst  at 


The  Yankee  Group  in  Boston. 
“It’s  shocking  how  few  Cisco 
customers  bid  out  to  other 
vendors,”  he  said. 

SouthTrust  Bank  in  Birming¬ 
ham,  Ala.,  spends  more  than 
$2  million  a  year  with  Cisco. 
But  Stanley  Adams,  the  bank’s 
group  vice  president  of  net¬ 
work  services,  said  he  asks 
other  vendors  to  bid  against 


Cisco,  resulting  in  more  com¬ 
petitive  pricing  from  Cisco. 

The  perception  that  Cisco  is 
more  expensive  “is  probably 
true,”  at  least  in  upfront  costs, 
Adams  said.  But,  he  added, 

“we  are  not  really  willing  to 
pay  a  premium.”  Adams 
wouldn’t  disclose  specific  in¬ 
formation  about  Cisco’s  pric¬ 
ing  for  SouthTrust. 


SWITCH  COSTS 


Average  selling  prices  for  Ethernet  switches,  per  port 


GMAC  Commercial  Mort¬ 
gage  Corp.  in  Horsham,  Pa., 
built  its  1-year-old  IP  telepho¬ 
ny  system  around  gear  from 
Nortel  Networks  Ltd.  after 
Nortel  underbid  Cisco.  But 
Cisco  remains  the  company’s 
data  networking  provider,  a 
position  it  has  held  for  the 
past  six  years,  said  Stephen 
Benson,  vice  president  of 
global  corporate  technology 
strategy.  “On  large  technology 
upgrades,  we  take  bids  from 
vendors  other  than  Cisco, 
such  as  Nortel  for  voice,”  he 
said.  “But  we  already  have  an 
investment  in  training  and 
people  knowledgeable  about 
Cisco.  And  everybody  knows 
that  eight  out  of  10  network 
engineers  are  Cisco  heads  be¬ 
cause  Cisco  has  such  a  preva¬ 
lent  market  share.” 

Cisco  executives  sought  to 
dispel  the  notion  that  its  prod¬ 
ucts  are  automatically  higher 
priced,  claiming  that  it  beats 
competitors  in  several  areas. 
For  example,  Cisco’s  Catalyst 
6500  switch  is  less  expensive 
than  similar  10  Gigabit  Ether¬ 


net  products  from  several 
rivals,  said  Mario  Mazzola, 
Cisco’s  chief  development  of¬ 
ficer  (see  interview,  page  8). 

Like  many  other  users,  Jeff 
Jacobs,  a  senior  network  de¬ 
sign  engineer  at  HealthNet 
Inc.  in  Sacramento,  said  higher 
prices  are  a  fair  trade-off  for 
Cisco’s  full  range  of  services 
and  its  responsiveness  to  cus¬ 
tomers.  He  also  noted  that 
Cisco  is  a  safe,  stable  choice 
compared  with  many  of  its 
networking  rivals. 

“Cisco  is  a  financially  sound 
company  —  and  I’m  stating 
the  obvious  there,  right?  —  so 
there  is  a  certain  peace  of 
mind  that  comes  from  pur¬ 
chasing  their  products,”  Ja¬ 
cobs  said.  “There  is  no  realis¬ 
tic  danger  of  Cisco  not  being 
around  to  support  their  prod¬ 
ucts.”  ©  46376 


TCO  CONSIDERATIONS 


Users  say  purchase  price  is  just  one  part  of 
the  total  cost  of  ownership  equation,  and 
they  give  Cisco  an  edge  in  overall  value: 
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Cisco’s  R&D  chief  Mario  Mazzola  defends  the  company’s  pricing; 

EMC  CEO  Joe  Tucci  says  the  storage  vendor  needs  to  be  ‘very  competitive’  on  bids 


BY  LUCAS  MEARIAN 

Do  you  miss  the  days  when  EMC  could 
charge  premium  prices  for  disk  arrays, 
and  do  you  see  a  time  when  that  will 
come  back?  TUCCI:  Unfortunately,  on  my 
shift,  we  never  had  a  lot  of  those  times.  I 
never  really  got  a  lot  of  that  enjoyment.  It’s 
a  great  position  to  be  in,  though.  Do  I  see 
those  times  coming  back?  I  really  don’t.  I 
think  it’s  going  to  stay  a  really  competitive 
market.  Customers  today  are  incredibly 
cost-conscious.  We  have  to  give  the  best 
value  proposition  to  customers  at  a  very 
competitive  price.  If  we  do  that  better  than 
anybody  else,  which  at  the  moment  I  think 
we’re  doing  . . .  [we’re]  going 
to  grow  and  prosper. 


Do  you  think  you  may  be 
able  to  raise  hardware 
prices  again,  say,  when  IT 
spending  recovers?  It’s 
certainly  not  an  option  I’m 
banking  on  or  considering. 
We  will  continue  to  bring 
down  pricing. 


EMC  has  always  been  seen  as 
among  the  most  proprietary  of 
hardware  and  software  vendors 

out  there.  I  don’t  know  about  the  _ 

past,  but  I  don’t  see  ourselves  like 
that  at  all.  In  everything  we’re  doing  now  in 
the  open-software  groups,  whether  it  be 
our  own  open-software  division,  which 
EMC  formed  a  year  and  a  half  ago,  or 
whether  it  be  in  Documentum,  Legato  or 
VMware,  these  are  absolutely  as  open  as 
any  products  on  the  market. 

On  the  hardware  side,  all  hardware  fun¬ 
damentally  works  differently.  So  there’s  no 
way  EMC  is  more  proprietary  than  Hitachi 
or  [IBM],  HP  or  anybody  else 
that’s  out  there.  As  a  matter  of 
fact,  we  are  the  first  vendor  to 
have  all  our  major  systems  to 
beSMI-S  compliant. 

Some  reputations  you  de¬ 
serve.  If  we  have  that  reputa¬ 
tion  out  there . . .  there’s  no 
basis  in  fact. 


Q&A 


EMC’s  sales  force  has 
had  a  reputation  for  being 
haughty  and  arrogant. 

What  did  you  do  to 
change  that?  I  do  not  hear 
that  anymore.  I  think  cus¬ 
tomer  after  customer  has 
said  we  have  made  just 
massive  progress  on  that 
front.  How  did  we  change  it? 

It’s  basically  a  reward  and 
punishment  system.  If  you  [do]  it,  you’re 
going  to  be  fired.  If  you  behave  the  way  you 
like  to  be  treated  personally,  those  are  the 
kind  of  salespeople  who  will  be  rewarded 
with  the  better  jobs  and  promotions. 

Certainly,  we  had  some  reputation  in 
that  area,  which  we  didn’t  like,  but  the  vast 
majority  of  our  sales  force  was  fine.  We 
had  a  few  kind  of  fringe  [elements],  A  lot  of 
those  people  have  been  replaced. 

So  one  of  the  steps  you  took  was  get¬ 
ting  rid  of  the  haughty  salespeople? 

Absolutely.  There  were  a  lot  of  pink  slips 
handed  out  to  people  I  thought  were  not 
going  to  change. 


I  think 
it’s  going 
to  stay  a  really 
competitive 
market.  Cus¬ 
tomers  today 
are  incredibly 
cost-conscious. 

JOE TUCCI 


What’s  your  view  of  shared 
APIs  and  standards  like 
SMI-S?  Are  they  a  good 
thing,  or  a  necessary  evil 
that  you  need  to  support? 
[The  Storage  Networking  In¬ 
dustry  Association]  put  out  a 
list  of  80  products  that  passed 
the  SMI-S  compliance  test. 
Fifty  percent  of  those  were 
EMC  products.  That  just  rein¬ 
forces  the  level  of  investment 
that  EMC  is  making  to  drive 
these  standards  forward  and  to  make  sure 
customer  adoption  is  as  quick  as  possible. 

Are  you  having  difficulty  knitting  to¬ 
gether  all  the  software  you've  ac¬ 
quired?  It’s  a  matter  of  degree.  Software 
in  some  cases  and  hard¬ 
ware  in  some  cases  is 
loosely  knit  together  today, 
and  in  some  cases  it’s 
tightly  knit.  It’s  a  journey, 
and  we  do  a  pretty  good 
job  laying  it  out  for  cus¬ 
tomers:  Here’s  what  we 
have  today,  and  here’s  our 
road  map.  ©  46358 


BY  MATT  HAMBLEN 

Is  the  reputation  that  Cisco  prod¬ 
ucts  are  higher  priced  than  rival 
ones  fair?  And  why  do  you  think 
you  have  so  many  customers,  if 
that’s  the  case?  MAZZOLA:  Our  ap¬ 
proach,  which  has  been  crucial  for  the  suc¬ 
cess  of  Cisco,  is  to  look  at  all  the  different 
requirements  that  make  sense  for  cus¬ 
tomers.  So  we  do  consider  excellence  in 
technology  innovation  as  a  necessary  con¬ 
dition,  and  also  the  service  part  of  the 
sales  engagement  and  the  relationship 
with  customers  as  equally  important. 

Our  products  are  based  on  a  lot  of  reac¬ 
tion  from  customers.  We 
consider  what  are  the  real 
problems  and  challenges 
they  face.  In  terms  of  the 
cost  or  price  of  our  prod¬ 
ucts,  obviously  what  is  really 
relevant  for  our  customers 
is,  what  is  the  total  cost  of 
ownership?  That  includes 
the  opportunities  to  deploy 
in  a  timely  fashion  and 
with  [the  ability]  to  overlay 
new  services  [on  existing 
hardware]. 


In  an  extended  version  of  his  inter¬ 
view,  Joe  Tucci  discusses  EMC’s 
relationships  with  IBM  and  Microsoft: 

QuickLink  46431 


Mario  Mazzola  talks  about  Cisco’s 
approach  to  VoIP  and  the  future 
of  networking  technology: 

QuickLink  46294 
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But  what  about  pricing  of 
products?  We  make  a  point 
in  terms  of  our  strategic 
process  for  development  to 
look  simultaneously  at  three 
major  points.  And  actually, 
the  very  first  in  importance 
is  the  price  and  perfor¬ 
mance.  We  don’t  want  to 
shy  away  from  producing 
the  best  price/performance 
type  of  product. 

The  second  point  is  to  have  more  flexi¬ 
bility  and  more  intelligence  and  more 
adaptability  in  our  net¬ 
works.  The  third  one  is  to 
have  global  architectures 
which  are  long-standing. 
We  try  to  create  architec¬ 
tures  which  have  a  long  life 
and  do  not  require  any  type 
of  forklift  upgrade. 

Specifically  in  the 
price/performance  area,  if 


In  terms 
of  the 
cost  or  price  of 
our  products, 
obviously  what 
is  really  rele¬ 
vant  for  our  cus¬ 
tomers  is,  what 
is  the  total  cost 
of  ownership? 

MARIO  MAZZOLA 


you  look  at  the  last  18  months,  in  the 
case  of  LAN  switching  we  have  the  best 
price/performance  in  Gigabit  Ethernet  in¬ 
terface  switching.  Currently,  we  are  ship¬ 
ping  about  35%  of  ports  of  10/100/1000. 
[We  have]  by  far  the  best  price  per  port  in 
the  industry.  It’s  a  really  very  competitive 
product  offering. 

The  same  applies  to  10  Gigabit  Ether¬ 
net.  We  honestly  believe  we  have  the  best 
pricing  for  10  Gigabit  Ethernet  on  our  Cat¬ 
alyst  6500  [switches]  compared  to  a 
few  other  companies,  based  on  price  per 
port.  These  are  not  small  examples.  LAN 
switching  is  close  to  50%  of  our  product 
revenues. 

What  does  Cisco  claim  is 
the  price  difference  in 
these  cases?  It’s  always  dif¬ 
ficult  to  compare.  In  a  few 
cases  with  10  Gigabit  -  the 
competitors  are  ForcelO  and 
Foundry  and  most  recently 
Extreme  -  it  is  more  than  a 
15%  price  advantage. 

It’s  a  complete  price  ad¬ 
vantage  when  you  consider 
that  we  are  not  asking  for  a 
forklift  upgrade  to  10  Gigabit 
but  can  leverage  the  existing 
switch  chassis  and  interface, 
which  is  not  applicable  to  the 
competition. 

In  relevant  cases,  we  have 
been  able  to  be  competitive  on 
price  per  port.  The  reason  for 
this  is  we’ve  been  able,  even 
in  a  downturn  in  the  economy, 
to  maintain  a  really  high  level 
of  investment  in  engineering. 

As  a  result  of  that,  our  investments  in 
ASICs  and  programmable  processors  are 
showing  up  in  products,  which  are  emi¬ 
nently  cost-effective  in  terms  of  bandwidth 
[improvements]  and  in  terms  of  feature 
richness. 

We’ve  spent  $3.3  billion  per  year  in  the 
last  two  years  in  engineering.  It’s  not  a 
question  of  being  superhuman  or  perform¬ 
ing  miracles;  it’s  because  we've  been 
keeping  up  with  our  investments.  This 
means  that  we  can  put  a  great  deal  of  em¬ 
phasis  on  new  technologies.  ©  46377 
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Secure, 
Reliable, 
Freedom  and 
Flexibility 


Introducing  a  new  era  of  secure,  corporate  business  freedom 
and  flexibility  —  Nokia  Mobile  Connectivity  solutions. 


Employees  throughout  an  enterprise  want  to  be 
more  mobile  and  productive  —  and  this  can  be 
realized  thanks  to  Nokia  Mobile  Connectivity  solutions. 
CIOs  and  IT  managers  can  provide  the  mobility  and 
security  of  anytime,  anywhere  access  to  users  — 
while  empowering  everyone  from  the  CEO  to  field 
salesforce  teams  with  the  information  needed  to  do 
their  work  where  and  when  they  choose.  Nokia 
Mobile  Connectivity  solutions  include  a  range  of  IPSec- 
and  SSL-based  client  and  gateway  products  that 


provide  secure,  appropriate  access  to  corporate 
email  and  applications.  Enterprises  will  discover  new 
levels  of  efficiency  from  their  workforce,  while 
giving  them  greater  freedom  to  manage  their  business 
and  personal  lives.  All  solutions  are  easy  to  deploy 
and  manage,  are  based  on  award-winning  technology 
and  are  backed  by  Global  Support  and  Services. 

So  if  you  want  greater  working  freedom  that’s  IT 
approved,  go  ahead  and  escape. 
Visitwww.nokia.com/mobileaccess/americas 
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AT  DEADLINE 


PeopleSoft  Sales 
Hurt  by  Oracle  Bid 

PeopleSoft  Inc.  reported  a  first- 
quarter  profit  of  S24.2  million  on 
revenue  of  S643.1  million.  The 
revenue  total  exceeded  the  soft¬ 
ware  vendor’s  forecast,  but  CEO 
Craig  Conway  said  some  sales 
were  delayed  or  lost  to  rivals  dur¬ 
ing  the  quarter  because  of  Oracle 
Corp.’s  ongoing  takeover  bid. 
“Some  of  those  deals  can’t  wait,” 
he  said  during  a  conference  call. 
“They  close  for  our  competitors.” 


European  Officials 
Make  Ruling  Public 

The  European  Commission  pub¬ 
licly  released  its  302-page  ruling 
that  Microsoft  Corp.  illegally  used 
its  Windows  monopoly  power  to 
gain  advantages  for  its  work¬ 
group  server  operating  systems 
and  Media  Player  software.  The 
release  prompted  a  strenuous 
rebuttal  from  Microsoft,  which 
claimed  in  a  memo  that  last 
month’s  ruling  will  alter  market 
dynamics  and  reduce  incentives 
to  invest  in  development. 


Network  Associates 
To  Sell  Sniffer  Line 

Network  Associates  Inc.  an¬ 
nounced  plans  to  sell  off  its  Snif¬ 
fer  line  of  network  management 
software  and  focus  on  IT  securi¬ 
ty  products  and  services.  The 
company  is  also  changing  its 
name  to  McAfee  Inc.  as  part  of 
the  reorganization.  It  agreed  to 
seli  the  Sniffer  assets  to  invest¬ 
ment  firms  Silver  Lake  Partners 
LP  and  Texas  Pacific  Group  for 
$275  million  in  cash. 


Vendors  Promise 
Grid  Specifications 

A  group  of  vendors  that  includes 
Oracle,  Cisco  Systems  Inc.,  EMC 
Corp.,  Hewlett-Packard  Co.  and 
Sun  Microsystems  Inc.  said  it 
plans  to  develop  open  technology 
specifications  for  grid  comput¬ 
ing.  But  neither  IBM  nor  Micro¬ 
soft  has  joined  the  group  yet. 


CAIJ  TUC  ft  1  ADI/  i  HOT  TECHNOLOGY  TRENDS,  NEW  PRODUCT 
Um  I  IlL  IV1AI1VI  i  NEWS  AND  INDUSTRY  GOSSIP  by  MARK  HALL 


Nab  Bad  Guvs  Trying 
To  Download . . . 

. . .  software  so  you  can  keep  your  job  and  stay  out  of  jail. 

Well,  you  might  end  up  in  the  slammer  for  other 
reasons,  but  if  you  use  the  new  service  from  Open 
Harbor  Inc.,  it  won’t  be  because  you  let  Osama  bin 
Laden  get  hold  of  your  bits  and  bytes.  The  San 


Carlos,  Calif. -based  online 
service  for  global  traders  is 
unveiling  a  service  this  week 
to  protect  companies  whose 
software  can  be  downloaded 
over  the  Internet.  According 
to  Beth  Peterson,  the  compa¬ 
ny’s  vice  president  of  prod¬ 
ucts,  the  ser¬ 
vice  uses 
restricted- 
party  screen¬ 
ing  (RPS)  lists 
from  the  U.S., 
Canada,  Japan 
and  other 
countries  to 
check  e-mail 
addresses, 
domains,  IP  addresses  and 
other  information  to  identify 
sources  forbidden  to  receive 
goods  from  suppliers.  Open 
Harbor’s  automated  RPS 
checks  had  been  limited  to 
hard  goods,  but  software, 
whether  commercial  pack¬ 
aged  products  or  your  home¬ 
grown  code,  must  also  com¬ 
ply  with  government  export 
restrictions.  That’s  why  BEA 
Systems  Inc.  in  San  Jose  be¬ 
came  the  first  software  com¬ 


pany  to  use  Open  Harbor’s 
service.  Carey  Garibay,  BEA’s 
senior  director  of  sales,  says 
that  in  order  to  comply  with 
export  laws,  her  company 
previously  used  “an  extreme¬ 
ly  labor-intensive”  manual 
process  to  check  download 
source  information.  Given  a 
daily  average  of  5,000  down¬ 
loads,  she  says,  Open  Har¬ 
bor’s  service  freed  a  lot  of 
folks  from  hard  work.  And, 
maybe,  BEA’s  execs  from  do¬ 
ing  hard  time. 

Fanatical  fans,  foolish¬ 
ness  and  fraud . . . 

. . .  prompted  Bill  Schlough, 
CIO  of  the  San  Francisco 
Giants,  to  install  the  Mail- 
Frontier  Enterprise  Gateway 
from  MailFrontier  Inc.,  locat¬ 
ed  in  nearby  Palo  Alto.  He 
says  irate  fans  sometimes  put 
team  executives  on  endless 
mail  lists,  and  on  occasion,  a 
user  would,  as  he  delicately 
put  it,  “practice  poor  e-mail 
etiquette,”  resulting  in  a  del¬ 
uge  of  spam  from  salacious 
sites.  But  it  was  the  threat  of 
fraud  that  prompted  Schlough 


to  get  MailFrontier  to  protect 
his  150  business  users.  “Fraud 
pushed  us  over  the  edge,” 
Schlough  says.  The  elaborate 
schemes  criminals  use  to  get 
passwords,  credit  card  num¬ 
bers  and  other  personal  data 
“are  hard  enough  for  tech 
types  to  determine,”  so  he 
doesn’t  expect  end  users  to 
detect  them.  Because  the 
virus  crisis  first  hit  in  the 
1990s  and  the  spam  slam  only 
recently,  Schlough,  like  most 
CIOs,  has  two  separate  ven¬ 
dors  with  distinct  point  prod¬ 
ucts  to  fight  the  evil  twin  at¬ 
tackers  of  e-mail.  But,  he  says, 
“an  integrated  approach  may 
be  our  next  step”  for  overall 
message  management. 

Track  down 
security  threats . . . 

. . .  and  even  locate  and  moni¬ 
tor  VoIP  devices  on  your 
WAN  when  Neon  Software 
Inc.  in  Lafayette,  Calif.,  on 
Wednesday  releases  the 
8.5  upgrade  to  its  network¬ 
mapping  tool,  LANsurveyor. 
The  new  version  polishes  up 
its  router  interface  connec¬ 
tion  management  functions 
and  leverages  Active  Directo¬ 
ry  to  help  push  agent  soft¬ 
ware  to  connected  clients. 
You  can  also  use  LANsurvey¬ 
or  to  find  and  shut  off  unse¬ 
cure  rogue  wireless  access 
points  as  well  as  to  monitor 
and  manage  Session  Initiation 
Protocol  devices  such  as  VoIP 
handsets.  The  tool  lacks  some 
key  network  management 
features  of  competing  prod¬ 
ucts  such  as  OpenView  and 
Unicenter,  but  since  it  starts 
at  $495,  it  also  lacks  their 
hefty  price  tags. 

Apple  to  challenge 
SAN  market  pricing . . . 

. . .  with  its  fall  ’04  release 
of  Xsan,  its  storage-area  net¬ 
work  file  system  for  Mac  OS 
X.  In  beta  now,  Xsan  includes 
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The  time  it 
takes  Open 
Harbor  to  re¬ 
view  8  million 
trade  rules 


cascading  fail-over,  volume 
management,  multipathing 
and  other  advanced  SAN 
features.  Positively  retro, 
however,  is  the  $995  price. 
Moreover,  Tom  Goguen,  di¬ 
rector  of  storage  software  at 
Apple  Computer  Inc.,  brags 
that  before  the  end  of  the 
year,  you’ll  be  able  to  deploy 
a  full  hardware/software  SAN 
system  from  Apple  for  about 
$30,000,  “compared  to  the 
$200,000  IBM,  Sun  and  oth¬ 
ers  charge.”  You  Windows, 
AIX  and  Solaris  types  need 
not  feel  left  out.  Certified 
third-party  tools  are  already 
available  to  link  you  into  the 
Apple  SAN. 

CIO  puts 
IT  on  app 
diet . . . 

. . .  and  exer¬ 
cises  those 
that  he  keeps 
beyond  their 
normal  limits. 
“We  need  to 
get  by  with  a 
lot  fewer  ap¬ 
plications  in 
our  portfolio, 
and  we  need 
the  ones  we 
keep  to  do  more,”  says  Marty 
Howard,  senior  vice  presi¬ 
dent  and  CIO  at  Patient  Care, 
a  regional  home  health  pro¬ 
vider  in  West  Orange,  N.J.  His 
goal  is  to  run  only  three  en¬ 
terprise  apps  —  and  all  of 
those  he  plans  to  have  hosted 
off-site,  as  he’s  already  doing 
with  his  CRM  service  from 
Salesforce.com  Inc.  in  San 
Francisco.  Howard  says  he’s 
pushed  Salesforce.com  be¬ 
yond  its  everyday  customer 
management  features  to  be¬ 
come  Patient  Care’s  patient¬ 
tracking  and  help  desk  appli¬ 
cation.  And  he’ll  be  tossing 
out  a  slew  of  legacy  custom 
software  in  favor  of  a  hosted 
app  this  summer.  “With  fewer 
apps  to  manage,”  Howard  ar¬ 
gues,  “IT  becomes  a  driving 
force  in  the  business  and  not 
just  a  DP  shop.”  ©  46400 


plans  to  get 
the  most  out  o' 
his  remaining 
enterprise 
apps  -  but  he’l 
push  them  off¬ 
site  to  do  so. 


COMPANIES  THAT 
THOUGHT  THEY 
COULDN’T  AFFORD  SAP 
RUN  SAP 


You  don’t  have  to  be  big  to  think  big.  Or  to  run  SAP.®  With  a  variety  of  solutions  for  small  and  midsize  businesses,  SAP  is  an  affordable  choice 
for  growing  companies.  Working  with  partners  experienced  in  your  industry,  SAP  can  deliver  scalable  solutions  to  make  your  business  run 
more  efficiently.  And  do  it  faster  than  you  ever  thought  possible.  Visit  sap.com/value  or  call  800  880  1727  to  see  big  ideas  for  your  company. 


@2004  SAP  AG.  SAP  and  the  SAP  logo  are  trademarks  and  registered  trademarks  of  SAP  AG  in  Germany  and  several  other  countries. 
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IBM  Refocuses  WebSphere  on 
Service-oriented  Architectures 


Vendor  claims  approach  will  help 
companies  gain  business  flexibility 


BY  CAROL  SLIWA 

bm  last  week  unveiled 
an  update  to  its  Web¬ 
Sphere  software  line  and 
a  set  of  services  intended 
to  assist  companies  building 
out  service-oriented  architec¬ 
tures  —  a  development  ap¬ 
proach  the  vendor  claims  is 
essential  for  users  to  respond 
to  changing  business  needs. 

Bob  Sutor,  director  of  Web¬ 
Sphere  software,  said  cus¬ 
tomers  can  expect  a  “multi¬ 
month  blitz  of  news”  from 
IBM  focused  on  service- 
oriented  architecture  (SOA). 

Companies  that  use  an  SOA 
approach  develop  applications 
by  assembling  software  com¬ 
ponents,  or  services,  that  de¬ 
fine  reusable  business  func¬ 
tions  or  processes. 

IBM’s  new  WebSphere  Busi¬ 
ness  Integration  (WBI)  Server 
Foundation  Version  5.1,  the  re¬ 
placement  for  the  enterprise 
edition  of  its  application  serv¬ 
er,  adds  support  for  the  Busi¬ 
ness  Process  Execution  Lan¬ 
guage  (BPEL)  for  Web  Ser¬ 
vices,  which  Sutor  said  will 
help  with  building  SOAs. 

The  XML-based  BPEL  can 
be  used  to  define  how  busi¬ 
ness  processes  interact,  in¬ 
cluding  the  order  in  which 
tasks  must  be  performed  and 
the  types  of  data  to  be  shared. 
IBM,  Microsoft  Corp.  and  BEA 
Systems  Inc.  published  the 
BPEL  specification  in  August 
2002  and  submitted  it  to  the 
Organization  for  the  Advance¬ 
ment  of  Structured  Informa¬ 
tion  Standards. 

Few  Users  Yet 

But  with  the  BPEL  standard 
yet  to  be  finalized,  few  compa¬ 
nies  have  used  it,  in  part  be¬ 
cause  major  vendors  haven’t 
released  products  supporting 
it,  said  Jason  Bloomberg,  an 
analyst  at  ZapThink  LLC  in 
Waltham,  Mass.  Bloomberg 


said  he  expects  WBI  Server 
Foundation  to  drive  BPEL 
adoption  among  large  compa¬ 
nies  that  are  customers  of 
IBM’s  software  and  profes¬ 
sional  services.  He  cited  man¬ 
ufacturers  as  likely  users, 
since  they  have  the  sort  of 
business  processes  that  could 
be  automated  using  BPEL. 

Clearly,  some  IBM  customers 
have  been  building  SOA-based 
frameworks  without  BPEL  or 
WBI  Server  Foundation.  Wall 
Street  Access  Corp.,  a  Manhat¬ 
tan-based  brokerage,  drew  up 
its  SOA  plan  about  a  year  ago 
and  built  standards-based  in¬ 
terfaces  using  the  Web  Ser- 


But  idea  to  convert 
used  HP  9000s  to 
run  MPE  unsettled 

BY  PATRICK  THIBODEAU 

In  a  turnabout  forced  by  pres¬ 
sure  from  HP  e3000  users, 
Hewlett-Packard  Co.  has  re¬ 
opened  the  possibility  of  en¬ 
abling  users  to  convert  exist¬ 
ing  HP  9000  hardware  into 
e3000  systems  that  run  the 
propriety  MPE  operating  sys¬ 
tem  and  its  applications. 

HP  stopped  selling  new 
e3000s  last  fall,  so  the  systems 
can  now  be  purchased  only 
from  dealers  of  used  equip¬ 
ment.  The  ability  to  convert  a 
used  HP  9000  so  that  it  runs 
MPE  would  give  users  “a  sur¬ 
plus  of  hardware”  for  keeping 
the  e3000  alive  after  HP  ends 
its  support  in  2006,  said  Ron 
Horner,  legacy  systems  super¬ 
visor  at  Lady  Remington  Jew¬ 
elry  in  Bensenville,  Ill. 

HP  previously  said  users 
wouldn’t  be  offered  that  con- 


vices  Description  Language 
for  its  market  data,  back-office 
transaction,  order  manage¬ 
ment,  compliance,  rules  engine 
and  security  services. 

Peter  Underwood,  vice 
president  of  software  develop¬ 
ment  at  Wall  Street  Access, 
said  the  firm  has  no  need  for 
BPEL,  since  it  doesn’t  require 
workflow  management  of  in¬ 
formation.  Because  of  that, 
WBI  Server  Foundation  would 
be  “prohibitive”  at  $49,000  per 
processor,  he  added.  Wall 
Street  Access  currently  uses 
the  lower-priced  network  edi¬ 
tion  of  WebSphere  Applica¬ 
tion  Server,  Underwood  said. 

New  York-based  Cendant 
Corp.,  however,  does  plan  to 
evaluate  WBI  Server  Founda¬ 
tion  for  the  message-oriented 


version  option.  But  in  a  recent 
letter  to  the  OpenMPE  user 
advocacy  group,  HP  said  that 
as  a  result  of  input  from  the 
group’s  board,  it  has  “re¬ 
opened”  the  topic  for  consid¬ 
eration.  It  promised  an  update 
in  June  but  not  necessarily  a 
final  decision. 

Converting  the  HP  9000, 
however,  would  address  only 
one  aspect  of  keeping  the 
e3000  alive.  Users  also  want 
HP  to  turn  over  MPE  operating 
system  source  code  to  a  third 
party  to  maintain  and  possibly 
enhance  with  new  features. 

Users,  who  are  feeling  in- 

I  don’t  think 
HP  really 
understood  what 
they  were  going 
up  against. 

RON  HORNER,  LEGACY  SYSTEMS 
SUPERVISOR.  LADY  REMINGTON 
JEWELRY 


middleware,  event-driven  no¬ 
tification  and  other  enterprise 
service  bus  types  of  function¬ 
ality,  according  to  Robert 
Wiseman,  chief  technology  of¬ 
ficer  of  the  company’s  Travel 
Distribution  Services  division. 

Firmly  committed  to  an 
SOA-based  framework,  Cen¬ 
dant  already  has  built  Web  ser¬ 
vices  to  expose  extensive  travel 
content  and  functionality  from 
internal  and  external  sources. 
The  company  this  year  hopes 
to  add  a  host-access  network  to 
further  consolidate  regional 
travel  information,  such  as  rail 
and  ferry  schedules,  from  the 
proprietary  systems  of  its  ex¬ 
ternal  partners  into  a  single, 
service-based  object  layer  that 
its  Web  services  can  access, 
Wiseman  said.  ©  46417 


creasing  pressure  to  plan  for 
migration  as  the  deadline 
draws  closer,  have  been  push¬ 
ing  HP  to  decide  whether  it 
will  release  the  source  code. 

In  a  recent  survey  by  Interex, 
a  Sunnyvale,  Calif.-based  HP 
user  group,  respondents  said 
a  decision  on  third-party 
source  code  custody  is  their 
top  priority  this  year. 

However,  HP  said  in  its  let¬ 
ter  that  no  decision  on  the 
source  code  issue  will  be 
made  until  the  second  half  of 
2005.  It  cited  a  list  of  reasons, 
including  “significant  plan¬ 
ning  and  investigation”  involv¬ 
ing  a  range  of  technical,  legal 
and  business  factors. 

That’s  an  unpopular  posi¬ 
tion  and  “plants  the  seed  in 
people’s  minds  that  they  are 
just  stringing  us  along,”  said 
John  Burke,  an  e3000  consul¬ 
tant  in  Folsom,  Calif. 

The  e3000  user  community 
is  very  active,  and  mailing 
lists  receive  a  lot  of  traffic. 
Users  trying  to  extend  the 
usefulness  of  the  e3000,  as 
well  as  minimize  the  risk  in¬ 
volved  with  “homesteading” 

—  running  the  system  beyond 
2006  —  are  pushing  HP  to 


HP  Responds  to  Pressure 
From  Anxious  e3000  Users 


IBM  WebSphere 
Business  Integration 
Server  Foundation 

The  updated  and  renamed  ver¬ 
sion  of  WebSphere  Application 
Server  Enterprise  features: 

■  Native  support  for  BPEL  for 
Web  Services 

■A  technical  preview  of  Com¬ 
mon  Event  Infrastructure  for  man¬ 
aging  the  creation,  transmission 
and  distribution  of  business,  sys¬ 
tem  and  network  events 

■  Bundled  copies  of  DB2  and 
the  Tivoli  LDAP  server 

■  Support  for  business  rules  and 
human  workflow 

■  WebSphere  Business  Integra¬ 
tion  Modeler  and  Monitor  support 
(second  half  of  2004) 

■  Support  for  z/OS  (second 
quarter)  and  iSeries  (third  quar¬ 
ter).  WBI  Server  Foundation  cur¬ 
rently  runs  on  AIX,  HP-UX,  Linux, 
Solaris  and  Windows. 


provide  definitive  answers. 

It’s  a  good  sign  that  HP  is 
continuing  to  discuss  these  is¬ 
sues,  said  Horner,  who  along 
with  Burke  is  a  board  member 
of  Hagerstown,  Md.-based 
OpenMPE.  “It’s  better  than 
silence,”  he  said. 

“I  don’t  think  they  really  un¬ 
derstood  the  backlash  they 
were  going  to  get  by  announc¬ 
ing  the  end  of  MPE,”  Horner 
said.  “I  don’t  think  HP  really 
understood  what  they  were 
going  up  against.” 

Converting  an  HP  9000  to  an 
e3000  is  possible  because  the 
two  systems  share  similar  ar¬ 
chitectures  and  use  PA-RISC 
processors,  said  David  Wilde, 
HP’s  e3000  business  manager. 

But  that  conversion  applies 
only  to  particular  models  of 
HP  9000  systems.  Differences 
in  firmware  and  various  com¬ 
ponents  may  make  it  impossi¬ 
ble  in  some  cases,  said  Wilde. 
“It  is  something  we  are  inves¬ 
tigating,”  he  said.  Wilde  made 
it  clear  that  users  won’t  be  able 
to  purchase  new  HP  9000  sys¬ 
tems  and  boot  MPE  on  them. 
Porting  MPE  to  the  HP  9000  in 
that  sense  isn’t  even  under  con¬ 
sideration,  he  said.  ©  46422 


INNOVATIVE  TECHNOLOGY  2004  AWARDS 


Call  for 

Nominations 

Using  a  Hot  Technology  with  Real  Business  Value?  Nominate  your 
vendor  for  Computerworld’s  Innovative  Technology  2004  Awards 


COMPUTERWORLP 

INNOVATIVE 

TECHNOLOGY 


For  these 
special  awards, 
we’re  asking 
IT  customers  - 


2004  AWARDS 


Computerworld’s 

readers  —  to 
nominate  the 
vendors  they  believe  offer  leading-edge 
technology  products  or  services  that 
provide  business  value  to  customers. 


Eligible  Nominees 

Computerworld’s  Innovative  Technology  awards 
are  “customer  choice,”  which  means  Computerworld  is 
asking  those  companies  that  use  technology  (but  don't 
produce  or  sell  it)  to  nominate  vendors.  The  awards  are 
devoted  to  identifying  truly  breakthrough  technology  - 
from  vendors  with  long  histories  or  those  new  to  the  indus 
try  -  and  showcasing  how  leading  organizations  are  using 
this  technology  to  achieve  business  payback. 

- - - - — 

Evaluation  &  Results 

From  May  17  to  June  14, 2004.  Computerworld  will  survey 
those  vendor  nominees  about  their  technology  applica¬ 
tions.  A  panel  of  outside  experts  and  Computerworld  edi¬ 
tors  will  then  review  the  surveys  and  choose  the  winners. 
Survey  results  and  stories  that  offer  practical  advice  from 
IT  leaders  using  these  technologies  will  be  published  in  the 
September  13, 2004  issue  of  Ccmputerworld,  as  wei!  as 
online  at  Computerworld.com. 


Nominate  online  at  www.computerworld.com/research/innovativetech 

from  now  through  May  10, 2004.  Questions?  Contact  innovativetech@computerworld.com 
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Sales  Up,  Profits 
Down  at  Microsoft 

Microsoft  Corp.  reported  a  17% 
year-over-year  revenue  increase 
for  its  third  quarter  and  said  all 
product  divisions  met  or  exceeded 
sales  expectations.  Revenue  to¬ 
taled  S9.18  billion  in  the  quarter 
that  ended  March  31.  But  profits 
fell  38%  from  the  year-earlier 
level  to  $1.32  billion.  The  drop-off 
was  partly  due  to  $1.89  billion  in 
charges  stemming  from  an  anti¬ 
trust-related  fine  imposed  by  Eu¬ 
ropean  officials  and  Microsoft’s 
legal  settlement  with  Sun  Micro¬ 
systems  Inc.  [QuickLink  45957]. 


MCI  Emerges 
From  Bankruptcy 

MCI  Inc.  emerged  from  Chapter  11 
bankruptcy  protection,  six  months 
after  a  federal  judge  approved  its 
financial  reorganization  plan.  The 
company,  which  formally  changed 
its  name  from  WorldCom  Inc.  last 
week,  said  it  currently  has  about 
$6  billion  in  cash  and  $5.5  billion 
in  debt.  “I  don’t  think  we  view 
this  as  the  finish  line,  but  it’s  now 
time  to  start  a  new  race,”  said 
CEO  Michael  Capellas. 


Jump  in  U.S.  Sales 
Aids  SAP’s  Profits 

SAP  AG  said  its  first-quarter  prof¬ 
its  rose  23%  year  over  year,  pri¬ 
marily  as  a  result  of  increased 
software  sales  in  the  U.S.  The 
vendor  reported  net  income  of 
$279  million  for  the  quarter,  up 
from  $220  million  a  year  earlier. 
Total  revenue  increased  just  3% 
to  $1.85  billion,  but  SAP  said  U.S. 
sales  jumped  45%.  [To  read  an 
interview  with  the  CEO  of  SAP’s 
U.S.  subsidiary,  go  to  our  Web 
site:  QuickLink  46403]. 


Short  Takes 

SiEBEL  SYSTEMS  INC.  said  it  has 
bought  EONTEC  LTD.,  a  Dublin- 
based  vendor  of  banking  soft¬ 
ware,  for  $70  million  in  cash _ 

MICROSOFT  said  it  has  agreed 
to  settle  a  pricing-related  class- 
action  lawsuit  in  Minnesota. 


Oracle  10g  Could  Ease 
DBA  Tedium,  Users  Say 


Conference  attendees  eye  upgraded 
database’s  self-management  capabilities 


BY  MARC  L.  SONGINI 

TORONTO 

RACLE  CORP.  users 
took  stock  of  the 
company’s  new  lOg 
database  here  last 
week,  saying  that  the  soft¬ 
ware’s  automated  manage¬ 
ment  and  self-tuning  features 
could  reduce  the  amount  of 
drudge  work  they  have  to  do. 

With  lOg,  Oracle  has  made 
strides  in  developing  a  data¬ 
base  that’s  easier  to  manage, 
said  Kimberly  Floss,  president 
of  the  International  Oracle 
Users  Group.  Floss  works  as  a 
database  administration  team 
leader  at  PepsiCo  Inc.’s  Bever¬ 
ages  &  Foods  unit  but  noted 
that  she  was  speaking  only  in 
her  capacity  as  head  of  the 
Chicago-based  IOUG,  which 
was  holding  its  IOUG  Live 
2004  conference  here. 

If  users  ran  into  a  problem 


with  a  SQL  statement  in  previ¬ 
ous  versions  of  Oracle’s  data¬ 
base,  “you  would  play  with  it 
and  try  to  work  your  way 
through  to  figure  out  which 
solution  was  best,”  Floss  said. 
“These  [new  features]  do  the 
work  for  you,  so  you  don’t 
have  to  spend  the  time  trying 
all  the  different  scenarios.” 

Floss  noted  that  the  auto¬ 
mated  tools  built  into  lOg  still 
require  IT  staffers  to  make 
the  final  decisions  on  code 
changes  and  other  modifica¬ 
tions.  Instead  of  replacing 
database  administrators,  the 
new  technology  frees  them 
from  tedious  tasks  and  lets 
them  focus  on  more  strategic 
matters,  she  said. 

At  the  IOUG  show,  Oracle 
executives  touted  the  virtues 
of  lOg  in  an  attempt  to  sell 
users  on  upgrading  to  the  new 
release.  “There  are  two  per- 


Application  Support 


At  the  IOUG  conference, 
Oracle  said  that: 

■  It  hopes  to  certify  by  May  or 
June  that  10g  will  work  with  the 
latest  release  of  its  E-Business 
Suite  11i  applications,  Version  5.9. 

■  The  Version  5.10  upgrade  to  Hi, 
due  this  summer,  will  include  out- 
of-the-box  support  for  lOg. 

■  PeopleSoft  and  SAP  are  ex¬ 
pected  to  certify  lOg  for  use  with 
their  applications  this  summer  and 
in  Q1 2005,  respectively. 

ceptions  that  are  no  longer 
true  —  that  [the  database]  is 
expensive  and  complex,”  said 
Ken  Jacobs,  vice  president  of 
product  strategy  and  server 
technologies  at  Oracle. 

Jacobs  declined  to  disclose 
the  number  of  users  who  have 
bought  lOg  thus  far,  but  he  said 
hundreds  participated  in  the 
beta-test  program.  He  predict¬ 
ed  that  there  will  be  a  spike  in 


installations  this  summer  as 
applications  such  as  Oracle’s 
E-Business  Suite  lli  start  to 
be  certified  for  use  with  lOg 
(see  box). 

Rich  Niemiec,  CEO  of 
TUSC,  a  Lombard,  Ill.-based 
Oracle  consulting  and  techni¬ 
cal  services  firm,  is  testing  lOg 
on  Linux  and  Solaris  systems 
as  a  stand-alone  product  and 
in  grid  computing  configura¬ 
tions.  He  said  improvements 
to  Enterprise  Manager,  Ora¬ 
cle’s  database  administration 
tool,  enable  it  to  issue  alerts 
and  recommendations,  as  well 
as  collect  statistics  on  system 
and  network  performance. 

The  new  database,  which 
began  shipping  in  January,  in¬ 
cludes  expanded  support  for 
grid  computing. 

As  leasing  contracts  on 
Unix  systems  expire,  there 
likely  will  be  an  increased 
move  toward  lOg-based  grid 
computing  setups  that  use 
clusters  of  less-expensive 
servers,  said  William  Burke,  a 
database  consultant  in  Plano, 
Texas,  and  the  IOUG’s  execu¬ 
tive  vice  president.  He  added 
that  Oracle  has  improved  the 
migration  process  with  lOg,  so 
any  upgrade  challenges  should 
be  “nominal.”  ©  46413 


Personnel,  Contract  Issues 
Complicate  BPO  Initiatives 


Users  cite  hurdles 
in  outsourcing 
of  business  units 

BY  THOMAS  HOFFMAN 

NEW  YORK 

Early  adopters  of  business 
process  outsourcing  services 
last  week  said  they  have  been 
able  to  save  money  and  im¬ 
prove  productivity  by  handing 
off  control  of  departments 
such  as  human  resources  and 
finance  and,  in  some  cases,  the 
systems  that  support  them. 

Nevertheless,  several  BPO 
users  who  spoke  at  a  confer¬ 
ence  held  here  by  market  re¬ 
search  firm  IDC  said  they 
had  to  tackle  tricky  personnel 
and  contractual  issues  and  go 
through  steep  learning  curves 


because  there  was  little  histor¬ 
ical  context  to  draw  upon. 

“Ten  years  ago,  the  solution 
was  the  hiring  of  arms  and 
legs,”  said  Donna  Kinnaird,  ex¬ 
ecutive  vice  president  at  Swiss 
Re  Life  &  Health  America  Inc. 
In  1994,  the  Stamford,  Conn.- 
based  insurer  signed  on  with 
Computer  Sciences  Corp.  to 
manage  more  than  2  million 
life  insurance  policies  and 
supporting  technology,  such 
as  an  interactive  voice  re¬ 
sponse  system. 

“Now  it’s  much  more  of  a 
value  and  knowledge  proposi¬ 
tion,”  Kinnaird  said.  She  added 
that  more-specific  perfor¬ 
mance  metrics,  such  as  how 
much  it  costs  to  manage  the 
policies,  were  worked  into  a 
10-year,  $700  million  contract 


renewal  six  months  ago. 

Still,  establishing  reasonable 
BPO  performance  metrics 
continues  to  be  a  problem  for 
users  and  vendors  alike,  said 
John  K.  Halvey,  a  partner  in 
the  technology  finance  and 
outsourcing  group  at  law  firm 
Milbank,  Tweed,  Hadley  & 
McCloy  LLP  in  New  York. 

BPO  users  often  must  con¬ 
tend  with  thorny  personnel  is¬ 
sues  as  well.  In  late  2001,  Hy¬ 
dro  One  Inc.  signed  a  10-year, 
$730  million  pact  to  outsource 
its  finance,  supply  chain  man¬ 
agement  and  CRM  operations 
to  Capgemini,  along  with  IT 
support  for  those  functions. 
But  first,  the  Toronto-based 
utility  had  to  negotiate  with 
two  labor  unions  on  a  staff- 
reduction  plan  that  was  needed 
to  achieve  its  30%  cost  savings 
target,  said  Jeffrey  Smith,  Hy¬ 
dro  One’s  director  of  finance. 

Although  most  companies 
outsource  business  processes 


to  cut  costs,  that  isn’t  always 
the  case.  Canadian  Imperial 
Bank  of  Commerce  in  2001 
signed  a  seven-year  contract 
to  outsource  management  of 
its  HR  operations  to  Electron¬ 
ic  Data  Systems  Corp.  —  a 
deal  that  it  expects  will  be 
cost-neutral  overall. 

However,  the  outsourcing 
move  was  partly  designed  to 
help  CIBC  avoid  the  need  to 
invest  “tens  of  millions  of  dol¬ 
lars”  in  IT  upgrades,  said 
Danielle  Kay,  a  senior  HR  di¬ 
rector  at  the  Toronto-based 
bank.  She  added  that  EDS  last 
year  consolidated  30  human 
resources  systems  previously 
used  by  CIBC  onto  a  common 
PeopleSoft  8.3  applications 
platform.  ©  46419 
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CA’s  Future 

So  far,  most  users  appear  to 
be  comfortable  with  that. 

Paul  Francis,  senior  manager 
of  systems  security  at  Shaw’s 
Supermarkets  Inc.  in  West 
Bridgewater,  Mass.,  said  he 
doesn’t  expect  any  negative 
repercussions.  “Things  have 
been  pretty  smooth  with  CA  in 
spite  of  what’s 
happened,”  he 
said.  “There’s  a 
good  management 
team  in  place.  I 
don’t  expect  any 
disruption.”  Shaw’s 
uses  CA’s  eTrust  software. 

CA  products  will  continue 
to  deliver  value,  said  Clark 
Ammons,  production  and  sys¬ 
tems  manager  of  information 
systems  at  Washington  Uni¬ 
versity  in  St.  Louis.  “We  pur¬ 
chase  the  product  and  not  the 
people  behind  the  product,” 
he  said.  “There  is  a  lot  of 
thought  and  review  process 
before  there  is  ever  a  purchase 
done  from  any  company.” 

Leadership  Speculation 

CA  this  week  is  expected  to 
appoint  board  member  Ken¬ 
neth  Cron  as  interim  CEO  and 
continue  searching  for  a  per¬ 
manent  replacement.  Analysts 
expect  the  new  CEO  to  come 
from  outside  the  company. 

“There  is  no  clear  No.  2” 
within  CA,  said  Gregg  Mosko- 
witz,  an  analyst  at  Susquehan¬ 
na  Financial  Group  LLP  in 
New  York.  “They  have  some 
serviceable  executives  who 
can  step  in  for  the  time  being.” 

There  has  been  some  specu¬ 
lation  among  IT  and  financial 
analysts  that  Steve  Mills,  senior 
vice  president  and  group  execu¬ 
tive  in  charge  of  IBM’s  Software 
Group,  could  be  in  the  running 
as  a  replacement  for  Kumar. 
However,  Mills  told  Computer- 
world  last  week  that  he  has  no 
outside  CEO  aspirations. 

“I  am  a  CEO  [of  IBM’s  Soft¬ 
ware  Group].  I  have  a  spectac¬ 
ular  job,”  Mills  said.  “Anything 
else  would  be  a  comedown.” 

Barrenechea  scoffed  at 
Mills  becoming  CA’s  CEO. 
“Software  is  an  afterthought 
at  IBM,”  he  said.  “[Mills  is] 


the  VP  of  afterthought.” 

CA  and  Kumar  could  still 
face  legal  action.  The  U.S.  Se¬ 
curities  and  Exchange  Com¬ 
mission  warned  CA  in  January 
that  it’s  considering  civil 
penalties  against  the  company. 
The  U.S.  Department  of  Jus¬ 
tice  has  filed  court  documents 
showing  that  it  believes  more 
executives  at  CA  knew  about 
past  accounting  violations 
than  the  four  former  employ¬ 
ees  charged  so  far. 
Kumar  is  widely 
believed  to  be  a 
target  of  the  in¬ 
vestigators’  con¬ 
tinuing  inquiries. 
CA  has  taken 
steps  to  replace  executives 
forced  out  by  the  accounting 
scandal.  Earlier  this  month,  it 
hired  Jeff  Clarke,  the  well-re¬ 
garded  former  head  of  global 
operations  at  Hewlett-Packard 
Co.,  as  its  chief  financial  officer. 

Barrenechea,  who  moved 
to  CA  from  Oracle  Corp.  last 
year,  said  that  his  role  hasn’t 
changed  as  part  of  the  man¬ 
agement  reshuffle  and  he 
doesn’t  expect  it  to.  And  Bar¬ 
renechea  didn’t  evade  a  ques¬ 
tion  about  whether  he  jumped 
from  the  frying  pan  into  the 
fire  when  he  moved  to  CA. 

“I’ve  gotten  used  to  walking 
on  hot  coals,”  Barrenechea  said. 

Some  users  appear  resigned 
to  the  same  fate.  One  customer 
who  has  had  a  rocky  experi¬ 
ence  with  CA  said  the  manage¬ 
ment  turmoil  can’t  make  things 
any  worse.  “We’re  never  happy 
with  their  customer  service,” 
said  Win  Shih,  head  of  automa¬ 
tion  at  Saint  Louis  University’s 
Pius  XII  Memorial  Library.  “If 
the  company  changes  leader¬ 
ship,  it  could  be  good  or  bad.  It 
depends  on  the  new  person.” 

Still,  users  such  as  Kay  Roze- 
boom,  a  database  administrator 
at  the  Iowa  Department  of  Ad¬ 
ministrative  Services,  remain 
optimistic.  “Our  support  has 
always  been  excellent,”  she 
said.  “They’ve  had  manage¬ 
ment  shake-ups  in  the  past,  and 
I  can’t  say  that  it’s  affected  us 
negatively  before.”  ©  46414 


Cowley  writes  for  the  IDG  News 
Service.  Computerworld’s 
Marc  L.  Songini  contributed 
to  this  report. 


PROBING  QUESTIONS 
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©  QuickLink  a1640 
www.computerworld.com 


IBM’s  Mills  Speaks 
OutonCA... 

STEVE  MILLS,  senior  vice  president  and  group  executive  in 
charge  of  IBM’s  $14  billion  software  business,  spoke  with  Com¬ 
puterworld’s  Don  Tennant  last  week  about  the  government  in¬ 
vestigation  of  rival  Computer  Associates.  The  interview  took 
place  on  April  19,  two  days  before  CA  announced  that  Sanjay 
Kumar  had  stepped  down  from  his  post  as  CEO. 


What  do  you  make  of 
CA’s  legal  problems, 
especially  now  that 
CEO  Sanjay  Kumar  is 
under  scrutiny?  All  of 
these  things  are  focused 
on  individuals.  If  there’s  a 
management  change,  I 
would  suspect  they  would 
continue  to  deliver  the 
products  they're  deliver¬ 
ing  now.  That's  not  likely 
to  change  in  any  way.  The 
question  is,  Will  the  players  change? 
That’s  anybody’s  guess,  but  it  obvi¬ 
ously  appears  pretty  serious. 

Would  a  change  of  players  have 
an  impact  on  IBM  in  any  way? 


We  deliver  a  very  rich  set 
of  products  to  replace  CA 
products,  so  customers 
who  were  losing  confi¬ 
dence  in  the  company 
could  certainly  turn  to 
IBM  for  alternatives. 

Are  you  using  CA’s 
legal  problems  as  a 
sales  tool  to  lure  CA 
users  to  IBM?  CA  does 
enough  on  their  own,  in¬ 
dependent  of  what  the  government 
is  doing,  to  create  opportunities  for 
us.  We  don’t  need  the  Department 
of  Justice  to  help  us  build  that  busi¬ 
ness.  CA  has  a  very  mixed  reputation 
with  customers.  CA  tends  not  to 


make  new  investments  in  any  of 
these  mainframe-based  products. 
There’s  a  lack  of  add-ons  and  fea¬ 
tures  and  updates;  they  don’t  keep 
pace  particularly  well.  We  find  many 
businesses  want  to  get  off  of  CA 
tools. 


Do  you  think  you  beat  CA  to  the 
punch  by  acquiring  Candle 
Corp.  [QuickLink  45895]?  Can¬ 
dle  is  a  major  provider  of  tooling  on 
the  mainframe.  The  disposition  of  so 
many  companies  that  were  started 
up  in  this  area  has  not  necessarily 
favored  IBM.  They’d  get  acquired  by 
Computer  Associates,  and  Computer 
Associates  just  wants  to  charge  the 
customer  a  lot  of  money  and  not 
give  them  any  incremental  value. 
We've  watched  this  movie  replay  it¬ 
self  over  and  over  again.  So  we  have 
a  lot  of  concerns  about  what  hap¬ 
pens  to  some  of  these  modest-size 
independent  providers  of  tooling  for 
the  mainframe.  ©  46421 
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...And  CA’s 
Barrenechea  Responds 

MARK  BARRENECHEA,  senior  vice  president  of  product  develop¬ 
ment  at  Computer  Associates,  took  issue  with  statements  made 
about  CA  by  Mills  in  the  interview  posted  on  our  Web  site  on 
April  20.  He  spoke  with  Computerworld’s  Don  Tennant  on  April 
22  to  rebut  those  comments. 


Some  IT  and  financial 
analysts  have  put 
Steve  Mills  on  the  list 
of  potential  replace¬ 
ments  for  Sanjay 
Kumar.  What’s  your 
response  to  that?  Let 
me  put  that  in  perspective 
from  what  I  see.  IBM  in 
fiscal  year  '03  did  $90  bil¬ 
lion  in  total  revenue.  The 
software  business  did  just 
under  $14  billion.  So  16% 
of  IBM’s  revenues  are  software.  Soft¬ 
ware  is  an  afterthought  at  IBM.  It's  all 
about  global  services  and  hardware. 
[Mills]  is  the  VP  of  afterthought. 

Mills  suggested  that  CA  isn’t 
particularly  innovative.  What's 
your  response?  I’ve  been  here  at 


CA  now  for  close  to  a 
year  [following  a  move 
from  Oracle],  and  I  find 
the  organization  one  of 
the  most  skilled  and  inno¬ 
vative  I  have  seen  in  the 
industry.  When  you  look 
at  our  Q3  results,  we 
grew  42%  in  subscription 
licenses.  When  you  look 
at  IBM's  growth  [for  its 
first  quarter]  that  they  just 
announced  recently, 

[and]  you  [adjust  for]  currency,  they 
grew  at  3%.  We  are  the  world's 
leader  in  management  software.  If 
you  compare  our  innovation  to 
IBM's,  IBM  has  a  long  history  of 
failed  attempts.  We  can  look  at  OS/2 
not  being  a  successful  operating 
system.  We  can  look  at  SNA  losing 


out  to  IP.  We  can  look  at  Lotus  losing 
the  e-mail,  Word  and  Excel  battle. 

When  I  asked  Mills  about  IBM’s 
acquisition  of  Candle  Corp.,  he 
said  CA  has  a  history  of  acquir¬ 
ing  companies  like  Candle  and 
“just  wants  to  charge  the  cus¬ 
tomer  a  lot  of  money  and  not 
give  them  any  incremental  val¬ 
ue.”  What’s  your  response? 
Candle  is  a  very  interesting  acquisi¬ 
tion  in  IBM’s  history.  After  40  years, 
IBM  couldn't  get  performance  man¬ 
agement  right.  So  they  had  to  go  out 
and  buy  Candle. 

Did  CA  ever  look  at  Candle  as 
an  acquisition  target?  No.  The 

value  we’re  bringing  to  clients  today 
around  Sysview  and  OPS/MVS  is 
unsurpassed.  And  after  40  years, 
[IBM]  couldn’t  build  performance 
management  like  [CA’s]  Unicenter 
NetMaster.  So  we  never  looked  at 
Candle.  We  weren’t  interested,  and 
we’re  still  not  interested.  ©  46420 
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AS  ANY  ENTERPRISE  CUSTOMER 

who’s  spent  time  with  Sanjay  Kumar 
will  confirm,  the  former  CEO  of  Com¬ 
puter  Associates  is  a  genuinely  nice 
man,  a  talented  business  leader  and  a 
well-respected  figure  in  the  industry.  In  every  re¬ 
gard,  Kumar  is  viewed  as  a  vast  improvement  over 


his  contentious  mentor, 
infamous  CA  co-founder 
Charles  Wang. 

So  it  was  a  sad  mo¬ 
ment  for  many  last  week 
when  Kumar  resigned 
his  CEO  role  in  the  mer¬ 
ciless  glare  of  two  feder¬ 
al  investigations  into 
CA’s  accounting  prac¬ 
tices.  He  stepped  down 
but  not  out,  taking  on  the 
vanity  title  of  “chief  soft¬ 
ware  architect”  —  a  sign 
of  continuing  support  from  his 
board  that  may  lend  some  comfort 
to  the  customer  base. 

But  Kumar  still  faces  his  own  legal 
nightmares  as  the  Securities  and  Ex¬ 
change  Commission  and  Depart¬ 
ment  of  Justice  probes  grind  on.  So 
far,  14  CA  executives  have  resigned 
or  been  fired  in  connection  with  the 
widening  scandal.  It’s  an  ugly  but 
familiar  tale  of  corporate  greed. 

One  fact  is  painfully  clear,  how¬ 
ever.  Regardless  of  what  he  knew 
and  when  he  knew  it,  Sanjay  Kumar 
was  the  company  president  while 
former  CFO  Ira  Zar  and  other  now- 
indicted  executives  engaged  in  ille¬ 
gal  accounting  practices,  securities 
fraud  and  obstruction  of  justice.  Zar 
claims  he  met  regularly  with  two 
as-yet-unnamed  top  executives  who 
knew  he  was  cooking  the  books.  At 
the  time,  he  reported  to  Kumar,  who 
reported  to  Wang,  who  is  now  re¬ 
tired  and  enjoying  life  as  a  wealthy 
sports  mogul. 

Anyone  familiar  with  the  compa¬ 
ny’s  history  knows  it  was  Wang  who 
fathered  its  business  policies  and 
nurtured  CA’s  sales  practices.  When 
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Kumar,  the  longtime 
heir  apparent,  took  over 
as  CEO  in  2000,  he  wast¬ 
ed  no  time  before  mak¬ 
ing  deep,  substantive 
changes  in  Wang’s  king¬ 
dom.  He  revamped  the 
accounting  methods  now 
under  scrutiny,  reformed 
the  sales  force,  replaced 
most  of  the  board  and 
steadily  rebuilt  CA’s 
shattered  reputation 
with  customers.  That’s 
why  IT  executives  have  been  willing 
to  keep  the  faith,  even  as  the  feds 
encircle  CA’s  top  echelon.  “It’s  been 
going  on  for  so  long,”  one  customer 
remarks,  “and  Computer  Associates 
isn’t  the  only  company  that’s  had 
this  sort  of  problem.” 

In  the  meantime,  CA’s  rivals  aren’t 
waiting  for  any  bodies  to  cool. 

Steve  Mills,  head  of  IBM’s  soft¬ 


ware  business,  made  an  appeal  to 
readers  concerned  about  his  rival’s 
troubles  in  a  Computerworld  inter¬ 
view  last  week  [QuickLink  46328]. 
“We  deliver  a  very  rich  set  of  prod¬ 
ucts  to  replace  CA  products,”  Mills 
said,  ever  so  helpfully.  “So  cus¬ 
tomers  who  were  losing  confidence 
in  the  company  could  certainly  turn 
to  IBM  for  alternatives.”  Other  en¬ 
terprise  vendors  will  likely  extend  a 
solicitous  hand  as  well. 

“The  biggest  challenge  facing  CA 
right  now  is  to  reassure  customers 
and  partners,”  says  analyst  Michael 
Dortch  at  Robert  Frances  Group. 
“To  the  extent  that  CA  is  successful 
at  this,  most  customers  will  contin¬ 
ue  to  care  little,  if  at  all,  about  who’s 
running  what.” 

That  may  be  true  in  the  short 
term.  But  smart  CIOs  will  keep  a 
wary  eye  on  the  worst-case  scenario 
of  CA  —  the  company  itself  —  end¬ 
ing  up  with  a  criminal  conviction. 
That’s  what  destroyed  accounting 
firm  Arthur  Andersen. 

Federal  investigators  seem  to  be 
drilling  toward  one  bedrock  ques¬ 
tion:  How  deep  did  CA’s  culture  of 
corruption  —  this  willingness  to  in¬ 
vent  35-day  months  in  order  to  prop 
up  quarterly  sales  numbers  —  really 
go?  O  46389 


DIDN’T  YOU  KNOW 

that  that  phrase  is  the 
standard  greeting  for 
troops  in  Iraq? 

No?  Well,  IT  is  good  at  burying  its 
head  in  the  sand. 

The  IT  industry  tends  not  to  get 
involved  in  public  issues  unless  it’s 
talking  H-1B  visas,  tax  credits  for  re¬ 
search  and  development,  or  govern¬ 
ment  contracts. 

That  ought  to  change.  In  fact,  IT 
should  mount  a  large  offensive  to  edu¬ 
cate  and  connect  the  U.S.  public  with 
our  troops  in  Iraq. 

What’s  involved?  I’m  talking  about 
free  hardware  and  software  for  troops 
now  serving  overseas  as  well  as  for 
their  families.  What’s  needed  for 
starters  is  a  branded  effort  that  would 
give  computers  to  the  families  of  ser¬ 
vicemen  and  -women 
who  can’t  afford 
them.  The  IT  indus¬ 
try  and  technology 
companies  could  of¬ 
fer  free  Internet  and 
e-mail  access,  as  well 
as  software  to  build 
Web  sites,  transfer 
files  and  share  music 
and  photos  between 
families  and  troops 
overseas.  Companies 
ought  to  be  buying 
and  donating  DVD  burners,  and  music 
industry  firms  should  be  shipping 
CDs.  The  digital  world  should  turn  its 
hand  to  something  analog:  morale 
building. 

Nonlethal  IT  is  already  heavily  used 
by  soldiers  in  the  field  to  allow  them  to 
stay  connected  to  home.  MP3  players, 
e-mail,  DVD  movies,  satellite  dishes 
and  laptop  computers  with  Internet 
access  are  all  in  use,  and  the  Armed 
Forces  Network  operates  a  radio  feed 
from  Riverside,  Calif.,  that’s  beamed 
into  Iraq. 

It’s  just  as  common  to  see  music 
files  shared  among  GIs  as  it  is  to  see 
bootleg  DVD  movies  sprout  up  only 
weeks  after  their  Hollywood  release. 

The  military  brass  isn’t  bashful 
about  using  IT  to  put  a  personal  face 
on  their  mission.  For  example,  the  1st 
Armored  Division,  the  U.S.  Army  tank 
division  deployed  in  Iraq,  uses  its  Web 
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BUSINESS  INTELLIGENCE  SERIES 

1  by  Shaku  Atre 

Charting  the  Course 

A  Guide  to  Evaluating 
Business  Intelligence  Products 

More  than  half  of  all  business  intelligence  proj¬ 
ects  fail  to  meet  enterprise  goals  and  thus  cannot 
be  considered  a  success.  Decision  makers  at  all 
levels  are  becoming  more  skeptical  about  their 
purchasing  decisions,  as  many  software  vendors 
fail  to  deliver  on  their  promises. 


The  goal  of  this  two-part  series  is 
to  provide  business  and  IT  managers 
within  enterprises  a  roadmap  for 
evaluating  and  selecting  BI  products. 
This  first  part  of  the  series  provides  a 
step-by-step  process  for  identifying 
the  organization’s  needs  for  BI  appli¬ 
cations  -  and  for  quickly  eliminating 
vendors  and  products  that  do  not  sat¬ 
isfy  these  needs. 

The  second  part  of  the  series  will 
offer  an  effective  set  of  templates  and 
best  practices  with  which  you  can 
perform  in-depth  product  evaluation. 
Some  of  the  functions  discussed  in 
Part  II  will  include: 

•  Balanced  scorecards  and  key 
performance  indicators  (KPIs) 

•  Enterprise  portals 

•  Querying,  reporting  and  analysis 
of  information 

•  Data  warehouse  modeling  and 
deployment 

•  Meta-data  management 

•  Transformations,  cleansing  and 
transfer  of  data 

•  Online  Analytical  Processing 
(OLAP) 


Introduction  to  Best  Practices 

Software  vendors  use  such  expres¬ 
sions  as  “benchmark  comparisons,” 
“out-of-the-box  functionality”  and 
“limited-time  discounts”  to  lure  dis¬ 
tracted  IT  and  business  managers 
into  making  decisions  that  have  not 
been  properly  thought  through. 
Unfortunately,  this  haste  frequently 
results  in  wasted  time  and  money,  as 
well  as  missed  opportunity  due  to 
unsuccessful  BI  implementations. 

Due  to  the  nature  of  BI,  solutions 
query,  rather  than  write,  data.  Thus, 
the  BI  environment  can  be  identified 
as  “data  out,”  as  compared  to  the 
“data  in”  environment  of  Online 
Transaction  Processing  (OLTP). 
Despite  this  basic  difference,  OLAP 
and  OLTP  can  coexist. 

Through  careful  evaluation  of 
business  needs  and  the  use  of  proven 
methodologies,  decision  makers  have 
shown  it  is  possible  to  successfully 
evaluate  BI  products.  Atre  Business 
Intelligence  Best  Practices  (ABIBP)  is 
one  methodology  that  has  helped 
enterprises  identify  their  BI  needs 


and  match  those  needs  to  products. 
For  more  information  on  ABIBP,  refer 
to  the  white  paper,  “Business 
Intelligence  Success  Is  Never  an 
Accident,”  by  Shaku  Atre 
(Computerworld,  Sept.  15,  2003). 

When  evaluating  BI  products, 
it’s  important  that  organizations 
undertake  the  project  with  realistic 
expectations.  The  table  on  page  4 
lists  some  of  today’s  BI  myths  and 
realities. 

Deciding  on  a  BI  Solution 

Before  evaluating  BI  products,  it’s 
important  to  understand  your  needs. 
Realize  that  a  single  product  is 
unlikely  to  meet  all  your  require¬ 
ments.  Most  BI  solutions  are  integra¬ 
tions  of  multiple  products,  each 
addressing  the  components  described 
here: 

Balanced  scorecard.  These  track 
business  progress  through  key  met¬ 
rics.  They  use  financial  data,  cus¬ 
tomer  information,  internal  business 
processes  and  iterative  growth  to 
translate  strategy  into  action. 
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Key  Performance  Indicators. 

KPIs  are  performance  indicators  of 
the  organization  as  a  whole;  they 
indicate  whether  the  enterprise  is 
meeting  its  stated  objectives. 

Querying  and  reporting.  This  is 
the  ability  to  access  information  and 
present  it  in  an  easily  understood 
way.  Functions  include  ad-hoc 
queries  across  multiple  tables  and 
data  sources;  focused  business 
reports;  batch- type  production 
reporting;  multiple  report  formats; 
and  multiple  queries  per  report. 
Reporting  solutions  should  draw  on 
the  full  range  of  data  assets  and  data 
sources  to  deliver  one  version  of  the 
truth.  Therefore,  they  should  inte¬ 
grate  easily  with  existing  IT  infra¬ 
structure  and  provide  different  levels 
of  sophistication. 

Enterprise  portals.  These  form 
an  easy  way  to  centralize  and  share 
information  across  the  organization. 
They  are  Web  sites  that  act  as  gate¬ 
ways  to  corporate  information,  enter¬ 
prise  applications,  organizational 
processes  and  business  resources. 

Enterprise  portals  let  users  per¬ 
sonalize  their  view  and  content;  per¬ 
form  efficient  searches;  tag  “best 
bets”;  profile  documents  for  better 
discoverability;  and  receive  notifica¬ 
tions  of  changes  to  their  subscribed 
documents,  folders,  categories  or 
search  queries. 

Relational  database  manage¬ 
ment  systems.  RDBMS  store  data  in 
the  form  of  interrelated  tables.  They 
are  designed  to  easily  determine  the 
relationships  among  data  elements 
and  allow  different  ways  to  write  and 
read  data. 

Data  warehouses.  A  data  ware¬ 
house  is  a  collection  of  subject-orient¬ 
ed  databases  that  support  business 
decisions.  Because  it  organizes  and 
stores  data  specifically  for  querying, 


Myth 

Reality 

Because  Bl  projects  are  usu¬ 
ally  initiated  and  sponsored 
by  a  single  department, 
products  should  focus  on 
the  requirements  of  that 
department  alone. 

Bl  is  the  first  step  in  achieving  a  holistic  view  of  an 
organization.  It  may  eventually  deliver  substantial  pay¬ 
back  across  the  organization,  and  Bl  products  should  be 
deployed  with  enterprise-wide  expansion  in  mind. 

Comprehensive  reporting 
requirements,  performance 
metrics  and  return  on 
investment  (ROI)  can  be 
fully  defined  through  a 
detailed  needs  analysis 
before  Bl  is  implemented. 

Bl  projects  run  into  more  unknowns  than  a  regular  OLTP 
project  that  delivers  a  finite  set  of  functions.  Therefore, 

Bl  project  planning  is  not  a  one-time  planning  activity, 
but  rather  an  iterative  development  process  -  human 
resources,  time  lines,  scope,  deliverables  and  plans  are 
continuously  adjusted  to  achieve  success.  It’s  always 
been  difficult  to  come  up  with  believable  ROI;  it’s  even 
more  challenging  to  estimate  ROI  for  a  Bl  environment. 
Therefore,  Bl  projects  should  have  short  time  lines,  and 
highest  priority  items  should  be  delivered  per  iteration. 

There  will  be  a  single  enter- 
prise-wide  Bl  product  in  the 
organization. 

With  the  current  rate  of  mergers  and  acquisitions,  a  sin¬ 
gle  Bl  product  is  a  pipe  dream.  Focus  on  mapping  your 
needs  to  product  functionality  and  technical  architecture. 
Paying  more  attention  to  standards  is  a  good  strategy 
that  reduces  reliance  on  any  single  vendor.  Over-reliance 
on  one  vendor  can  have  undesirable  side  effects;  the  ven¬ 
dor  could  take  over  the  driver’s  seat  on  your  project,  or 
alternatively  could  go  out  of  business. 

Only  users  internal  to  an 
organization  will  use  Bl 
querying  and  reporting. 

Bl  requires  integration  of  knowledge  about  customers, 
competition,  market  conditions,  vendors,  partners,  prod¬ 
ucts  and  employees  at  all  levels  of  an  organization. 

Bl  is  just  another  name  for 
reporting  and  historical 
trends  analysis. 

Bl  is  a  shift  in  thinking,  planning  and  execution  across  an 
enterprise.  To  succeed  with  Bl,  an  organization  requires 
a  harmonized  culture  in  which  everyone  is  cognizant  of 
the  strategic  vision.  For  example,  Bl  applications  may 
have  the  ability  to  automate  decision  tasks  by  looking  at 
frequently  occurring,  time-dependent  predictive  process¬ 
es  such  as  price  changes  and  special  offers  for  certain 
customers. 

reporting  and  analysis,  the  design  of 
a  data  warehouse  database  differs 
significantly  from  the  design  of  an 
OLTP  database. 

Meta-data  management.  Unlike 
ordinary  data  stores,  a  meta-data 
repository  is  not  designed  to  store 
business  data  for  a  business  applica¬ 


tion;  rather,  it  stores  contextual  infor¬ 
mation  about  the  business  data,  or 
meta-data.  The  difference  is  crucial, 
and  often  overlooked.  Examples  of 
the  contextual  information  found  in  a 
meta-data  repository  include  the 
business  data’s  meaning  and  content; 
policies  governing  it;  its  technical 
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attributes;  and  programs  used  to 
manipulate  it. 

ETL.  Source  data  for  BI  applica¬ 
tions  comes  from  a  variety  of  plat¬ 
forms,  managed  by  a  variety  of  oper¬ 
ating  systems  and  applications.  The 
purpose  of  the  extract/ transform/ 
load  (ETL)  process  and  application 
is  to  merge  data  from  these  heteroge¬ 
neous  platforms  into  a  standard  for¬ 
mat  for  BI  target  databases. 

A  BI  system  should  not  be  a  collec¬ 
tion  of  stand-alone  target  databases, 
each  with  its  own  ETL  process; 
rather,  it  should  be  an  integrated 
data  store.  For  this  reason,  it’s  critical 
to  perform  common  data  transforma¬ 
tions  for  all  BI  target  databases  only 
once,  then  reconcile  that  data. 

Data  cleansing.  This  is  the 
process  of  reformatting,  reconciling 
and  refining  data  during  ETL.  Data 
cleansing  activities  include  correcting 
or  identifying  mis-fielded  names  and 
addresses;  frequency  of  occurrences 
in  a  field  (including  blanks  and 
zeros);  shapes  of  data  in  a  field  (such 
as  xxx-xxx-xxxx  for  a  U.S.  phone 
number;  and  distribution  of  business 
addresses  vs.  residential  addresses. 
These  activities  may  be  either  simple 
or  complex. 

Simple  data  cleansing,  or  “scrub¬ 
bing,”  provides  basic  cleansing  of 
invalid  data,  which  may  involve  case 
correction,  standardization,  splitting 
a  source  data  field  and  removing 
spaces  or  special  characters.  For 
example,  simple  cleansing  would 
convert  “mr.  rob  ball  Layton”  to 
“Mister,”  “Rob,”  “Ball”  and  “Layton” 
and  place  these  fields  in  four  differ¬ 
ent  columns. 

Complex  data  cleansing  performs 
de-duplication,  data  reformatting 
and  data  cleansing.  This  may  involve 
phonetic  and  non-phonetic  fuzzy- 
matching  as  well  as  user-defined 


cleansing  rules.  For  example,  com¬ 
plex  cleansing  might  determine  that 
“mr.  rob  ball  Layton”  is  the  same  as 
“Mister,”  “Robert,”  “Bell”  and 
“Leighton,”  and  then  convert  an  ETL 
insert  into  a  target  update. 

Real-time  replication.  This  is  the 
ability  to  propagate  source  data 
changes  to  the  target  system  in  real 
time.  Real-time  replication  systems 
normally  use  database  transaction 
logs,  triggers  or  time-stamp  columns 
to  capture  incremental  changes  made 
to  source  data  and  flow  those 
changes  to  the  target  system  with 
minimal  latency. 

Analytics  and  OLAP.  OLAP  sys¬ 
tems  handle  queries  required  to  dis¬ 
cover  trends  based  on  vast  volumes  of 
information.  Data  is  organized  into 
multidimensional  cubes,  giving  better 
performance  than  relational  tables. 
The  basic  unit  of  a  multidimensional 
cube  is  called  a  “measure”  and  is 
defined  as  the  unit  of  data  that  is 
being  analyzed.  Each  dimension  is 
divided  into  units  called  “members,” 
which  are  typically  organized  into  a 
hierarchy.  The  dimensions  and  meas¬ 
ures  defined  for  the  cubes  in  any 
OLAP  system  depend  on  the  types  of 
analysis  that  are  important  to  the 
enterprise. 

Mobile  applications.  These  con¬ 
nect  mobile  devices  to  existing  ERP, 
CRM  and  back-end  systems  and  bring 


mobile  workers  access  to  vital  corpo¬ 
rate  systems  and  information.  This 
results  in  operational  decision-mak¬ 
ing  efficiencies,  increased  responsive¬ 
ness  to  customers  and  a  decisive  com¬ 
petitive  advantage. 

The  selected  solution  should  help 
the  organization  develop  future 
applications  with  lower  labor  costs 
(computer  cycles  are  getting  cheaper, 
while  the  cost  of  people  is  rising). 

The  solution  should  also  connect 
information  across  the  enterprise. 
That  information  represents  cus¬ 
tomers,  money,  products,  policies, 
employees  and  partners. 

Typically,  the  selection  of  one  soft¬ 
ware  package  involves  the  evaluation 
of  others,  domino-style.  For  example, 
selecting  an  ETL  solution  also 
involves  evaluating  a  data-cleansing 
tool  and  RDBMS  interface  software. 
As  a  result,  the  selection  process  for 
BI  products  is  more  involved  than 
many  managers  expect. 

Selection  Process 

Too  often,  evaluators  buy  a  prod¬ 
uct  for  a  specific  solution  now,  and 
must  then  address  pre-  or  post-requi¬ 
sites  during  implementation.  This  can 
lead  to  failure.  Working  through  all 
anticipated  requirements  is  challeng¬ 
ing,  but  worthwhile. 

We  advocate  a  proven  5-phase 
selection  approach  for  BI  components 


An  internationally  renowned  expert  in  business  intelligence,  data 
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Figure  1 
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and  products: 

1.  Needs  identification 

2.  Elimination 

3.  Vendor  evaluation 

4.  Product  evaluation 

5.  Recommendation 

Here  we  focus  on  phases  1  and  2, 
bringing  you  to  a  point  where  you’re 
ready  to  evaluate  a  small  list  of  BI 
vendors  and  products.  In  Part  II,  we 
will  discuss  Phases  3-5. 

Phase  1:  Needs  Identification 

In  this  phase,  corporate  vision,  IT 
direction  and  business  needs  must  be 
evaluated.  Considering  future  busi¬ 
ness,  functional  and  technical 
requirements  is  also  critical.  If  the 
business  outgrows  the  capabilities  of 
the  original  products  or  processes,  it 
will  be  expensive  and  time-consum¬ 
ing  to  convert  to  another  product 
later. 

Some  of  the  challenges  with  exist¬ 
ing  or  newly  implemented  systems 
include: 

•  Data  does  not  become  available 
quickly  enough. 

•  The  data  model  is  difficult  to 
manipulate. 

•  The  information  provided  is 
insufficient. 

•  The  reports  are  too  complex  for 
line  managers. 

•  The  product  does  not  have  the 
required  functionality. 

•  There’s  a  lack  of  standard 
reports  and  queries. 

•  There’s  a  lack  of  buy-in  and 
commitment  among  users. 

•  Many  frequently  asked  questions 
cannot  be  answered. 

•  Poor  data  quality  or  warehouse 
design  results  in  conflicting  results. 

•  Sponsors  are  frustrated  and  have 
abandoned  the  project. 


Of  course,  it’s  ideal  to  find  a  prod¬ 
uct  that  eliminates  all  of  these  prob¬ 
lems.  But  usually  that  is  impossible. 
Therefore,  organizations  should  pri¬ 
oritize  to  ensure  that  no  major  com¬ 
promises  are  made  regarding  the  top 
five  criteria. 

During  needs  identification, 
organizations  should  conceptually 
identify  the  first  release  of  the  BI 
solution.  Which  metrics  will  be  creat¬ 
ed,  from  which  data  sources,  located 
on  which  server  platforms,  and  pre¬ 
sented  to  which  user  groups?  The 
first  release  has  to  be  a  success. 
Therefore,  its  scope  shouldn't  be 
overwhelmingly  large  and  should 
deliver  results  within  six  months. 

One  major  activity  during  this 
phase  is  to  collect  a  balanced  repre¬ 
sentation  of  business  needs  from  all 
stakeholders  to  ensure  continued 
support.  This  will  help  ascertain  the 
capabilities  of  the  right  BI  product. 

So  who  defines  the  needs?  It’s 
important  to  bring  in  technical,  busi¬ 
ness  and  corporate  perspectives. 
Wide  representation  and  diverse 


viewpoints  now  produce  better  deci¬ 
sions  and  fewer  surprises  later.  At  the 
same  time,  the  project  manager  must 
avoid  a  bureaucratic  nightmare  by 
preventing  the  team  from  becoming 
unwieldy.  There  shouldn’t  be  more 
than  six  people  working  full  time  at 
this  stage.  Team  members  should 
communicate  with  users  in  their 
departments  to  identify  “pain  points.” 

BI  products  must  support  large 
volumes  of  data  stored  in  disparate 
OLTP  and  OLAP  systems,  and  must 
deliver  information  based  on  that 
data  to  both  internal  and  external 
users  through  various  delivery  sys¬ 
tems.  Thus  enterprises  must  carefully 
assess  their  application  development 
environment  -  which  generates  addi¬ 
tional  questions.  Application-related 
needs  to  be  considered  during  this 
phase  include: 

•  Users’  functional  requirements, 
including  top  20  business  perform¬ 
ance  metrics. 

•  A  list  of  data  sources  that  con¬ 
tain  most  of  the  operational  data. 

•  Preferred  operating  systems. 
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•  Hardware  environments  deemed 
strategic. 

•  RDBMS  environments. 

•  Currently  deployed  decision- 
support  systems  (including  data 
warehouses,  data  marts  and  querying 
and  reporting  tools) . 

•  Both  current  and  projected  data 
volumes. 

•  Current  and  projected  user 
groups,  numbers  and  locations. 

•  Release  promotion  process. 

•  Change-control  requirements. 

At  this  point,  it’s  important  to 

define  the  focus  of  your  BI  project.  In 
most  cases,  a  department  with  a  par¬ 
ticular  business  need  drives  the  initial 
BI  effort  (see  Figure  1).  Nevertheless, 
IT  managers  and  decision  makers 
must  understand  the  requirements  of 
other  potential  BI  users. 

The  Needs  Identification  phase 
should  culminate  in  a  brief  report 
focusing  on: 

•  What  we  do  well  today. 

•  Which  user  groups  are  happy 
with  the  information  provided. 

•  Which  user  groups  are  not 
happy  with  the  information  provided. 

•  Which  queries  and  reports  are 


important  but  difficult  to  support, 
creating  pain  points. 

•  What  data  is  available  to  address 
these  pain  points. 

•  External  data  needs. 

•  Which  information  can  be  easily 
made  available  with  a  BI  application. 

•  Is  it  necessary  to  change  any 
business  processes  to  provide  the 
information? 

•  Establishment  of  KPIs  and  a  bal¬ 
anced  scorecard. 

Phase  2:  Elimination 

Now  you’re  ready  to  eliminate  cer¬ 
tain  products  and  vendors.  Once  you 
complete  this  phase,  the  number  of 
remaining  candidates  should  be  four 
or,  at  the  most,  six  vendors.  This  will 
keep  your  detailed  product  evalua¬ 
tion  from  becoming  a  bureaucratic 
nightmare. 

At  the  very  least,  any  product  that 
makes  the  final  cut  must  provide  easy 
access  to  data  on  disparate  sources 
(including  mainframes,  enterprise 
servers,  federated  databases,  work¬ 
stations  and  external  sources)  and 
multiple  delivery  mechanisms 
(including  intranets,  the  Internet, 
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partner  networks  and  mobile  users) . 

To  winnow,  establish  baseline 
requirements.  Figure  2  shows  one 
model  for  eliminating  products, 
where  the  outermost  ring  represents 
a  company’s  hardware  compatibility 
and  the  innermost  its  meta-data  man¬ 
agement  capability.  For  example,  if 
it’s  mandatory  that  the  product  sup¬ 
port  your  preferred  hardware,  any 
product  that  does  not  is  quickly  elimi¬ 
nated.  Common  criteria  include: 

•  Hardware  compatibility. 

•  Operating  system  compatibility. 

•  Support  for  certain  delivery 
mechanisms. 

•  Support  for  native  interfaces 
used  to  query  and  load  data. 

•  Built-in  support  for  transforma¬ 
tional  and  cleansing  functions. 

•  Graphical  support  for  ad-hoc 
queries. 

•  The  product’s  meta-data  man¬ 
agement  capabilities. 

You’re  now  near  the  end  of  Phase 
2.  Next,  you  analyze  each  remaining 
vendor’s  financial  stability  and  back¬ 
ground.  Then  you  perform  rudimen¬ 
tary  vendor  and  product  evaluations 
to  shrink  the  list  to  a  maximum  of  six 
finalists. 

Conclusion 

Once  you’ve  completed  Phases  1 
and  2,  you  are  in  a  position  to  zero  in 
on  your  final  recommendation  - 
which  will  be  addressed  in  Part  II. 
There,  we  will  provide  in-depth  guid¬ 
ance  on  vendor  and  product  evalua¬ 
tions;  proof-of-concept  activities;  and 
reaching  your  final  decision. 

Part  II  also  contains  templates  that 
will  provide  a  comprehensive  list  of 
questions  and  techniques  needed  to 
perform  these  evaluation  activities 
and  reach  the  final  recommendation. 

©2004  Atre  Group 


With  SAS®  software’s  new  Intelligence  Platform,  you  can... 


Drive  the  value  of  your  investment  in 
operational  software.  Once  and  for  all 


INTELLIGENT  STORAGE 

ETL  PROCESS 

DATA  QUALITY 

BUSINESS  INTELLIGENCE 

ANALYTIC  INTELLIGENCE 


SAS  introduces  a  software  breakthrough  for  sharing  mission-critical  intelligence,  in  just  the  right 
context,  with  everyone  from  executives  to  knowledge  workers.  And  for  increasing  the  value  of  your 
IT  investment  every  step  of  the  way- from  aggregating  and  ensuring  the  quality  of  data,  from  any 
source,  to  transforming  that  data  into  predictive  insight  using  the  world’s  best  analytics.  Can  one 
intelligence  platform  truly  fit  all  your  needs,  within  IT  and  across  your  enterprise?  Let  us  prove  it. 
Call  toll  free  1  866  791  3183  or  visit  our  Web  site. 

www.sas.com/itbreakthrough 


The  Power  to  Know, 


jsas. 


SAS  and  all  other  SAS  Institute  Inc.  product  or  service  names  are  registered  trademarks  or  trademarks  of  SAS  Institute  Inc.  in  the  USA  and  other  countries.  ®  indicates  USA  registration. 
Other  brand  and  product  names  are  trademarks  of  their  respective  companies.  ©  2004  SAS  Institute  Inc.  All  rights  reserved.  27471 0US.0404 


www.computerworld.com 


OPINION 


COMPUTERWORLD  April  2004 


site  ( www.lad.army.mil )  to  post  let¬ 
ters,  pictures  and  stories  related  to  the 
troops’  activities. 

Indeed,  if  you’re  thinking  this  idea 
for  IT  deployment  is  too  political  for 
you  and  your  company  to  be  involved 
in,  I  urge  you  to  take  a  look  at  the  pho¬ 
tos  of  the  troops  in  the  field.  Such  pic¬ 
tures  help  make  the  war  in  Iraq  seem 
less  remote  and  otherworldly  for  peo¬ 
ple  who  don’t  know  someone  serving 
overseas. 

This  isn’t  about  politics  or  your 
views  on  U.S.  foreign  policy.  This  is 
about  young  men  and  women  thou¬ 
sands  of  miles  from  home  who  are  ex¬ 
posing  themselves  to  possible  death, 
injury  and  disease. 

IT  industry  executives  could  easily 
put  together  a  series  of  promotions 
offering  online  discounts  to  military 
personnel  and  their  families.  Sure,  this 
is  a  bit  prosaic,  but  dodging  bullets  and 
avoiding  land  mines  is  more  important 
than  sacrificing  a  small  fraction  of 
your  profit  margin. 

The  IT  industry  manages  to  come 
together  over  health  care  privacy  and 
online  security  issues.  There’s  no  rea¬ 
son  for  it  to  duck  and  run  for  cover 
over  the  war  in  Iraq.  ©  46300 

MICHAEL  GARTENBERG 

Microsoft’s 
Delay  Is 
Gain 

At  the  beginning  of 
this  month,  the  press 
reported  that  Micro¬ 
soft  had  set  an  internal  dead¬ 
line  to  ship  the  next  version  of  its  Win¬ 
dows  client,  code-named  Longhorn,  by 
mid-2006.  That’s  later  than  the  compa¬ 
ny  had  once  indicated.  But  assuming 
that  Microsoft  is  able  to  meet  that 
deadline,  IT  departments  have  an  un¬ 
precedented  opportunity  to  get  their 
houses  in  order.  They  can  focus  on  the 
issues  that  matter  most  to  users,  such 
as  stability,  reliability  and  security,  and 
prepare  properly  for  the  next  wave  of 
upgrades  down  the  road.  Here  are 
three  important  things  to  tackle: 

Clean.  First  things  first,  and  that’s 
cleaning  house.  It’s  time  for  all  of  those 
old  16-bit  Windows  (or  DOS)  applica¬ 
tions  to  leave.  They’re  a  drag  on  sys¬ 
tems,  a  nightmare  to  support  and  rife 
with  stability  and  security  problems. 
Organize.  A  managed  PC  environment 


is  much  easier  to  support 
than  an  unmanaged  one. 

Your  administration  tasks 
will  become  easier,  your 
support  costs  will  drop  dra¬ 
matically,  and  your  change 
process  for  upgrades  will 
allow  smooth  transitions 
when  you’re  ready  for  them. 

The  key  isn’t  so  much 
creating  a  single  desktop  as 
it  is  focusing  on  the  man¬ 
agement  aspects  of  your  in¬ 
frastructure  to  allow  for  up¬ 
dates,  rollouts  and  other 
changes.  There  are  a  num¬ 
ber  of  excellent  products  on 
the  market  to  facilitate  this, 
and  likewise  there’s  a  litany 
of  information  available  on 
how  best  to  achieve  this 
state.  If  you’re  not  managing 
your  architecture  holistical¬ 
ly,  you’re  wasting  cash. 

Upgrade.  This  one’s  painful,  but  it’s 
time  to  get  off  those  older  Windows 
operating  systems,  like  95,  98  and  even 
2000.  You  don’t  necessarily  have  to  do 
this  all  at  once,  and  a  phased  migration 


that  gets  you  to  Windows 
XP  over  the  next  several 
years  as  part  of  normal 
machine  replacements 
will  serve  you  well.  Ma¬ 
chines  that  are  XP-capable 
should  be  upgraded.  For 
them,  focus  your  efforts  on 
XP  Service  Pack  2  when  it’s 
released,  to  make  sure 
you’re  getting  the  maxi¬ 
mum  benefit  of  XP  along 
with  the  latest  security 
fixes  and  enhancements. 

Getting  to  XP  also  re¬ 
duces  pressure  for  short¬ 
term  migrations  to  Long¬ 
horn  in  2006.  You’ll  have 
time  to  properly  evaluate 
the  benefits  of  the  new 
operating  system,  you’ll  be 
able  to  give  Microsoft  the 
time  it  needs  to  get  the 
kinks  out,  and  you’ll  still  deliver  a 
compelling  computing  experience  to 
your  users. 

Upgrading  doesn’t  necessarily 
mean  you  stay  with  Windows,  either. 
The  next  two  years  are  a  good  time  to 


evaluate  where  in  your  organization 
alternative  operating  systems  might 
be  appropriate.  Although  Linux  still 
has  a  long  way  to  go  on  the  desktop, 
it’s  getting  better  and  is  appropriate 
under  certain  circumstances.  Mac  OS 
X  is  a  reliable  Unix-based  alternative 
that  can  meet  a  number  of  business 
computing  needs  without  creating  an 
overly  burdensome  drain  on  support 
resources. 

Meanwhile,  look  at  new  initiatives 
like  the  Tablet  PC  and  focus  on  where 
such  technologies  can  make  an  impact 
on  your  knowledge  workers. 

Every  IT  department  faces  two 
consistent  challenges:  to  stay  off  the 
obituary  pages  and  to  every  so  often 
get  in  the  headlines.  The  next  two 
years  present  a  huge  opportunity  for 
organizations  to  make  some  positive 
headlines  and  provide  benefits  for 
their  users.  Don’t  waste  this  time. 
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Make  Users  Turn 
On  What  They  Need 

IT’S  ABOUT  TIME  that  Microsoft 
realized  that  all  the  extra  features 
it  has  added  present  security  con¬ 
cerns  and  that  they  should  be 
turned  off  by  default  ["Microsoft 
Aims  to  Save  Users  From  Them¬ 
selves  in  XP  Update,”  QuickLink 
45555],  If  80%  of  users  use  only 
20%  of  the  features,  then  why  is 
everything  turned  on  by  default? 

Let  users  turn  on  the  features 
they  need.  This  would  require  Mi¬ 
crosoft  to  clearly  explain  what  each 
service  actually  does,  something 
that  would  benefit  everyone.  I  be¬ 
lieve  it’s  still  too  early  to  applaud 
Microsoft’s  efforts,  but  this  a  step 
in  the  right  direction. 

Tom  Hauer 

IT  manager,  Hawthorne,  N.J. 


Get  a  Clue,  Execs 

I  COMPLETELY  AGREE  with  the 
premise  of  Maryfran  Johnson’s 
March  29  editorial,  “No  More  IT 
Projects"  [QuickLink  45747],  I 
spoke  to  the  same  subject  in  the 
Peer  to  Peer  column  in  the  Nov.  15, 
2002,  issue  of  CIO,  The  title  I  used 
was  “It’s  Not  Your  IT  Portfolio  -  It’s 


Theirs.”  I  can’t  understand  how 
companies  deal  with  IT  organiza¬ 
tions  that  aren’t  aligned. 

Does  anyone  talk  about  sales, 
operations,  legal  or  finance  not  be¬ 
ing  aligned?  No,  just  IT.  I’m  con¬ 
vinced  that  the  problem  lies  in  the 
fact  that  senior  management  has  no 
idea  how  to  manage  IT  and  thus  al¬ 
lows  them  to  march  to  their  own 
drummer  rather  than  incorporating 
them  into  the  company  strategy.  I 
think  that  as  money  has  become 
tight,  this  issue  has  become  more 
serious. 

Paul  M.  Ingevaldson 

Senior  vice  president,  inter¬ 
national  and  technology,  Ace 
Hardware  Corp.,  Oak  Brook, 
HI.,  inge@acehardware.com 


The  Data  Toaster 

David  moschella  has  a  differ¬ 
ent  vision  of  what  will  happen 
in  software  than  I  hold  [‘Two  Paths 
for  the  Future  of  Computing,”  Quick¬ 
Link  45170],  This  is  probably  be¬ 
cause  we  have  very  different  re¬ 
quirements.  The  requirements  that 
I  foresee  make  the  computer  the 
equivalent  of  a  data  and  communi¬ 
cations  “toaster."  It  will  provide  the 
average  user  with  the  ability  to  gen¬ 


erate  and  maintain  private  personal 
records  that  will  be  immune  from 
snooping  by  others,  and  it  will  pro¬ 
vide  secure  communications.  And  it 
will  rely  on  open-source  software. 

Moschella’s  assumption  that 
insulating  the  user  from  the  code 
precludes  open-source  is  simply 
wrong.  Fie  says,  “Effective  busi¬ 
nesses  should  use  applications, 
not  tinker  with  programs,"  but  that 
has  no  relationship  to  the  source  of 
the  software. 

There  is  no  more  program  tinker¬ 
ing  required  with  open-source  soft¬ 
ware  than  there  is  with  proprietary 
software;  in  fact,  I  would  argue  that 
the  existence  of  macros  indicates 
that  many  business  users  find  it 
necessary  to  tinker  with  proprietary 
software. 

Charles  J.  Lingo 

Denham  Springs,  La. 


Windows  XP  Is  Too 
Fat  to  Be  Attractive 

Michael  gartenberg  just 
doesn't  get  it  [“Perfect  Storm 
Brewing  for  Microsoft?”  QuickLink 
45641],  People  aren't  upgrading  to 
Windows  XP  for  three  reasons: 

1)  It’s  a  much  fatter  operating 


system  and  they  can’t  afford  the 
hardware. 

2)  For  their  purposes,  there  is 
no  real  benefit.  (Remember,  Win¬ 
dows,  at  its  heart,  is  just  a  menuing 
system.) 

3)  Any  upgrade  raises  compat¬ 
ibility  issues,  but  this  one  more 
than  most. 

Some  may  also  not  appreciate  the 
terms  of  the  new  license  agreement. 

What  people  really  want  is  for 
Microsoft  to  make  “Windows  Lite" 
available  in  all  countries  for  a  more 
reasonable  price  than  XP.  This  is  a 
classic  example  of  a  company  not 
listening  to  its  customers. 

Rick  Kershner 

Webmaster,  Portland,  Ore. 

COMPUTERWORLD  welcomes 
comments  from  its  readers.  Letters 
will  be  edited  for  brevity  and  clarity. 
They  should  be  addressed  to  Jamie 
Eckle,  letters  editor,  Computerworld, 
P0  Box  9171, 500  Old  Connecticut 
Path,  Framingham,  Mass.  01701. 
Fax:(508)879-4843. 
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Include  an  address  and  phone  num¬ 
ber  for  immediate  verification. 
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WHEN’S  THE  LAST  TIME  you  gave  your  communications 

network  a  thorough  physical?  With  Avaya  Global  Services, 

you  don’t  have  to  because  we  do.  We  can  cost-effectively 

diagnose  and  treat  potential  problems  across  your 
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do  occur,  we  use  EXPERT  SystemsSM  proactive  tools  to 

diagnose  and  treat  96%  of  them  remotely*  Avaya 

Global  Services  is  a  global  leader  in  IP  telephony  and 

PBX  maintenance.  Our  professionals  are  trained  and 

certified  to  work  in  all  kinds  of  multi-vendor, 

multi-technology  networks.  So  whatever  shape  your 

network’s  in,  we’ll  take  care  of  you  the  whole  way. 

And  we  promise  it  won’t  hurt  a  bit.  Visit  us  at 

avaya.com/doctor  or  call  866-GO  AVAYA. 
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Contact  Centers 

Unified  Communication 

Services 
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FUTURE  WATCH 

Programming  Matter 

Techniques  for  “programming”  matter  are 
coming  —  albeit  slowly.  Once  they  arrive, 
these  nanotechnologies  will  touch  every¬ 
thing  —  and  information  systems  will  be 
the  first  thing  to  be  affected.  Page  26 


SECURITY  MANAGER’S  JOURNAL 

Failure  to  Communicate 
Dooms  IDS  Alert  Process 

A  SQL  Slammer  alert  gets  lost  between  the 
group  that  monitors  the  intrusion-detection 
system  and  the  one  that  handles  remediation 
in  Mathias  Thurman’s  shop.  Page  28 
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while  meeting  increased  capacity  demands.  By  Julia  King 


Weather.com 

OBJECTIVE:  Lower  costs  and 
increase  efficiency  by  migrat¬ 
ing  to  open-source  software 
and  commodity  hardware  for 
its  Web-based  IT  infrastruc¬ 
ture  wherever  possible. 


Dealing  with 
initially  skeptical  executive 
management,  rising  to  a  ven¬ 
dor  challenge  that  the  project 
couldn’t  be  done,  testing  and 
deploying  open-source  soft¬ 
ware  at  one  of  the  world's  10 
largest  Web  sites. 


PAYOFF:  Cut  IT  costs  by 
one-third;  increased  Web  site 
processing  capacity  by  30%. 


OPINION 

Invest  in  an  Antispam 
System  Now 

Curt  A.  Monash  says  antispam 
systems  may  not  be  perfect,  but 
buying  one  will  earn  you  the 
gratitude  of  users.  Page  29 


FOUR  YEARS  AGO. 
Weather.com,  the  on¬ 
line  counterpart  of 
The  Weather  Channel 
Interactive  Inc.’s  24-hour  TV  channel, 
relied  entirely  on  proprietary  commer¬ 
cial  software  to  serve  up  millions  of 
Web  pages  of  maps,  forecasts  and 
hour-by-hour  weather  data  every  day. 

Today,  the  Atlanta-based  Web  site 
serves  more  than  50  million  pages  on 
stormy  days,  but  it  runs  almost  entire¬ 
ly  on  open-source  software  and  com¬ 
modity  hardware.  And  since  the  move 
to  the  new  architecture,  it  has  slashed 
IT  costs  by  one-third  and  increased 
Web  site  processing  capacity  by  30%. 

“Where  it  makes  sense,  we  will  al¬ 
ways  look  at  open-source  alternatives,” 
says  CIO  Dan  Agronow.  The  reason  is 
simple,  he  says:  Despite  the  self-serv¬ 
ing  air  of  fear,  uncertainty  and  doubt 
(FUD)  that  commercial  vendors  create 
around  open-source  software,  lots  of 
open-source  products  work  very  well 
and  can  be  deployed  and  run  for  about 
half  the  cost  of  commercial  products. 

Agronow  recalls  one  time  when  an 
IBM  sales  representative  warned  him 
that  he’d  likely  lose  his  job  for  dump¬ 
ing  IBM’s  WebSphere  application 
server  and  formal  support  program  for 
an  open-source  alternative. 

“We’ve  heard  a  lot  of  the  FUD  about 
how  you  can’t  replace  Netscape  with 
Apache,  or  WebSphere  with  Tomcat 
[application  server  software],  but 
when  we’ve  tried  it,  we  haven’t  seen 
the  gotchas  that  the  vendors  all  tell  us 
about,”  says  Agronow,  who  worked  at 
IBM  as  a  technical  project  manager  for 
14  years  before  joining  Weather.com. 

“My  experience  is  we  have  actually 
received  better  support  of  open- 
source  software  than  we  have  with 
commercial  software,”  he  adds. 

The  Linux  Switch 

But  that’s  not  to  say  there  haven’t  been 
technical  challenges.  One  of  those  sur¬ 
faced  in  2001  when  Weather.com  was 
still  running  WebSphere  but  decided 
for  financial  reasons  to  change  operat- 
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ing  systems,  migrating  from  a  Sun  en¬ 
vironment  of  Solaris  running  on  Sun 
420R  servers  to  Linux  running  on  IBM 
xServer  330  servers. 

“We  had  problems  like  installation 
scripts  not  working  or  the  GUI  not 
connecting  to  do  the  proper  adminis¬ 
tration.  There  were  various  things 
that  were  subtle  differences  between 
the  platforms  that  hadn’t  been  totally 
worked  out  on  Linux,”  recalls  Jon 
Badenell,  Weather.com’s  chief  archi¬ 
tect.  “Nothing  was  a  showstopper, 
but  it  was  not  a  turnkey  installation 
either.” 

Working  with  IBM,  Weather.com’s 
23-member  team  of  systems  adminis¬ 
trators,  developers  and  architects  re¬ 
solved  all  of  the  inconsistencies.  In  the 
process,  they  boosted  both  their  confi¬ 
dence  and  skills  as  open-source  ex¬ 
perts.  And  Weather.com  saved  hun¬ 
dreds  of  thousands  of  dollars  by  mov¬ 
ing  off  the  Sun  servers,  Badenell  says. 
“Literally,  in  some  cases  it  was  orders 
of  magnitude  cheaper  to  go  to  the  Lin¬ 
ux  boxes,”  he  says.  “We  replaced  ma¬ 
chines  that  were  $500,000  with  ma¬ 
chines  that  were  $50,000.” 

Tomcat  vs.  WebSphere 

Bolstered  by  its  success  with  Linux  on 
Intel-based  machines,  the  IT  team  be¬ 
gan  looking  for  an  open-source  appli¬ 
cation  server  to  replace  WebSphere. 
Again,  cutting  costs  was  a  major  driver. 
Another  was  reducing  the  complexi¬ 
ties  and  overhead  associated  with  run¬ 
ning  the  complex  and  feature-rich 
WebSphere. 

The  WebSphere  servers  were  show¬ 
ing  signs  of  strain  and  required  repeat¬ 
ed  restarts  as  Weather.com’s  traffic 
load  steadily  increased,  spiking  to 
more  than  18  million  page  views  one 
day  during  a  snowstorm  in  January 
2002  [QuickLink  45818] 

“Our  Web  site  is  big,  and  we  get  a 
huge  number  of  hits,  but  we  don’t  do  a 
lot  of  complicated  stuff.  It’s  not  trans¬ 
actional,  and  users  are  reading  data, 
not  submitting  it,  so  we  didn’t  use 
three  quarters  of  what  WebSphere  ac¬ 
tually  offered,”  says  Badenell.  “There 
was  an  overhead  penalty  from  just  the 
size  of  the  installation  and  the  admin¬ 
istration  of  it.” 

Weather.com’s  software  developers 
also  found  WebSphere  to  be  cumber¬ 
some  and  slow.  As  a  work-around,  they 
frequently  developed  applications  us¬ 
ing  another  tool  and  then  ported  them 
to  the  WebSphere  application  server. 

“It  was  hard  to  run  WebSphere  and 
an  IDE  [integrated  development  envi¬ 
ronment]  because  of  all  the  resources 
WebSphere  took,”  recalls  Jeff  Cunning- 


Weather  Report: 

A  Migration 
Timeline 

MARCH  2000:  Weather.com  de¬ 
ploys  WebSphere  3.0.2  on  Sun 
420R  Solaris  servers  as  its  Web 
site  architecture. 

DECEMBER  2000:  Replaces 
Netscape  Enterprise  with  Apache. 

JUNE  2001:  Migrates  to  Web¬ 
Sphere  3.5  running  on  Linux. 

JULY  -  DECEMBER  2001:  Mi¬ 
grates  from  Sun  420R  servers  to 
Intel-based  IBM  xServer  330s. 

JAN.  3, 2002:  Performance 
suffers  as  a  winter  storm  draws 
18  million  page  views. 

JANUARY  2002:  Developers 
begin  using  Tomcat  Web  applica¬ 
tion  server  software. 

JUNE  2002:  A  new  local  activity 
page  is  launched;  Tomcat  replaces 
WebSphere. 

SEPTEMBER  2002:  The  site 
accommodates  25  million  page 
views  when  Hurricane  Isadore 
hits. 

JANUARY  2004:  The  Web  site 
sustains  55  million  page  views 
without  degradation  during  a  ma¬ 
jor  snowstorm. 

JANUARY  2004:  Migration  from 
Oracle  database  to  MySQL  begins. 


ham,  who  leads  the  Internet  applica¬ 
tion  development  team  at  Weather.- 
com.  “You  had  to  run  an  instance  of 
DB2  on  your  machine  because  Web¬ 
Sphere  stored  its  configurations  in 
DB2,  so  you  had  to  have  all  that  over¬ 
head.  It  was  just  really  slow.  I  just 
started  using  Tomcat  for  development 
because  it  was  so  much  faster.” 

There  was  also  the  issue  of  IBM’s  re¬ 
sponse.  “There  was  kind  of  a  gauntlet 
laid  down,”  says  Joey  Reynolds,  senior 
systems  administrator-supervisor  at 
Weather.com.  IBM’s  WebSphere  devel¬ 
opers  were  familiar  with  Weather.¬ 
com’s  software  code  because  they  had 
worked  closely  with  the  Web  site’s  IT 
team  to  resolve  earlier  performance 
problems.  “They  said,  ‘We  don’t  think 
you  guys  can  do  this,  and  you’ll  end  up 
staying  with  WebSphere  and  paying 
support,’  ”  says  Reynolds.  (IBM  de¬ 
clined  to  comment  for  this  story.) 

But  the  development  staff  was  un- 
daunted.“There  are  tremendously 


bright  individuals  here,  and  to  chal¬ 
lenge  them  to  go  that  little  extra  bit  is  a 
dangerous  thing  if  you  want  to  keep 
their  business,”  Reynolds  says. 

Moreover,  Weather.com  developers 
had  been  using  Tomcat  and  therefore, 
says  Reynolds,  “we  had  already  seen 
that  the  open-source  community  was 
adept  at  answering  our  questions.  It 
wasn’t  like  we  were  blind.” 

The  development  team  considered 
several  open-source  application 
servers,  Cunningham  says,  including 
Resin  from  Caucho  Technology  Inc. 
and  offerings  from  Hewlett-Packard 
Co.  and  GemStone  Systems  Inc.  “At 
one  point,  I  had  three  or  four  on  my 
machine,”  he  recalls. 

But  a  majority  of  team  members  pre¬ 
ferred  Tomcat,  so  the  group  decided  to 
pilot-test  the  software  with  a  new  ver¬ 
sion  of  the  Web  site’s  local  activity 
page,  which  dynamically  serves  up 
weather  data  for  selected  cities.  For 
the  test,  the  team  had  configured  the 
servers  to  switch  back  and  forth  be¬ 
tween  WebSphere  and  Tomcat. 

“When  we  rolled  out  that  page,  we 
discovered  Tomcat  was  significantly 
faster,”  recalls  Badenell.  “Because  that 
page  is  close  to  60%  of  our  total  page 
views,  it  was  at  that  point  that  we  de¬ 
cided  we  would  go  ahead  and  make  the 
switch  over  to  Tomcat.  We  were  hold¬ 
ing  our  breath,  and  it  worked  out,  and 
we  haven’t  turned  back  since.” 

The  switch  to  Tomcat  software  and 
Intel-based  commodity  servers  also 
enables  the  Web  site  to  add  capacity 
quickly  and  relatively  inexpensively. 

“In  our  architecture,  which  is  very  flat, 
scalability  comes  by  buying  more  ma¬ 
chines  and  throwing  more  Web  servers 
on  them.  It’s  much  more  cost-justifi¬ 
able  to  add  30%  more  capacity  by  buy¬ 
ing  12  more  machines,”  says  Tim 
Bolser,  director  of  application  develop¬ 
ment.  “We  don’t  have  to  write  a  check 
to  IBM  [for  WebSphere  licensing  fees], 
and  it  gives  us  a  lot  more  flexibility  in 
terms  of  deploying  assets.” 

“On  a  typical  day,  we  do  30  million 
database  calls  [to  the  Web  site’s  main 
Oracle  database]  for  just  the  desktop 
application,”  says  Agronow.  “We’re 
able  to  handle  that  with  Tomcat  and 
open-source  because  the  infrastruc¬ 
ture  gives  us  that  capability.  All  of  the 
servers  are  created  generically,  so  we 
can  scale  horizontally.  As  our  capacity 
increases  because  downloads  of  the 
desktop  application  are  increasing,  we 
just  add  another  generic  box,  and  that 
adds  capacity.” 

All  told,  Weather.com  has  75  pure 
Web  site  servers,  12  servers  supporting 
its  desktop  products  and  20  servers  to 


support  miscellaneous  requirements. 

It  also  has  dozens  of  development  and 
test  servers,  bringing  the  total  number 
of  servers  to  about  180. 

The  Support  Factor 

The  site’s  software  developers  also  are 
happy,  says  Bolser.  “Part  of  what  we 
like  with  open-source  is  you  can  look 
under  the  hood  and  see  things,”  he 
says.  “With  commercial  software,  if 
there’s  a  hole  and  it  gets  exposed, 
you’re  relying  on  the  vendor  to  fix  it, 
but  if  it’s  open-source,  either  the  open- 
source  community  or  you  can  plug  the 
hole  yourself.  Because  technical  peo¬ 
ple  are  skeptical  by  nature,  having 
more  access  to  the  code  actually  makes 
some  people  feel  more  comfortable 
and  secure,  rather  than  less.” 

Robin  Bloor,  an  IT  analyst  at  Barou- 
di  Bloor  in  Arlington,  Mass.,  says  re¬ 
ceiving  a  high  level  of  support  from 
open-source  communities  is  typical, 
especially  for  what  he  calls  “flagship” 
open-source  products,  such  as  Apache, 
Linux  and  Tomcat. 

“The  people  who  contribute  to  the 
creation  of  the  product  are  an  online 
community  and  continue  to  contribute 
to  its  support,”  Bloor  says.  “The  person 
you  talk  to  about  support  may  even 
write  a  little  piece  of  code  for  you  for  a 
very  specific  problem.” 

Looking  ahead,  Agronow  says  he 
wants  to  optimize  the  Tomcat  software 
and  Weather.com’s  overall  server  envi¬ 
ronment  for  Intel  Corp.’s  P4  proces¬ 
sors.  “If  it  was  optimized,  we’d  get 
even  better  performance  out  of  it. 
That’s  the  one  disappointment  I  have 
with  Tomcat  —  it  doesn’t  seem  to  be 
optimized  for  the  latest  generation  of 
processors.  And  we  want  speed.  Speed 
is  what  gives  us  performance  and  in¬ 
creases  capacity,”  he  says. 

Weather.com  is  also  working  on 
swapping  out  its  Oracle  database  for 
the  open-source  MySQL. 

Agronow  says  the  IT  team  has  clear¬ 
ly  demonstrated  that  open-source 
makes  sense  for  Weather.com.  “It  saves 
us  money,  and  every  time  we  did  [a  mi¬ 
gration]  we  got  more  confident  about 
the  next  one,”  he  says. 

And  that  confidence  extends  beyond 
the  IT  staff,  Agronow  says.  “Now  when 
I  talk  to  senior  management  about 
moving  from  Oracle  to  MySQL  they 
don’t  ask  me,  ‘Are  you  sure?’  ”  he  says. 
“They  ask  me,  ‘When?’  ”  ©  46065 


PEOPLE  DRIVE  THE  PROJECT 

In-house  expertise  was  key  to  the  success  of 
Weather.com's  move  to  open-source  systems: 
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A  server  engineered  to  deliver  on  both  sides  of  the  price/performance  equation. 


The  HP  ProLiant  DL380  G3  gives  you  true  high  performance  at  a  truly  affordable  price,  while  our  Intel®  Xeon™ 

processor-powered  HP  ProLiant  DL380  G3  server  certainly  offers  blazing  performance,  the  engineers  behind  it  would  challenge  you  to  rethink  the  definition 
of  performance  entirely.  Consider,  for  example,  what  happens  when  you  need  to  add  a  storage  device  to  a  typical  server- the  server  must  be  powered 
down,  and  your  productivity  drops  to  zero.  This  fact  led  us  to  design  hot-pluggable  technology  on  the  DL380  that  allows  you  to  swap  out  a  number  of  key 
server  components,  including  the  reliable  and  efficient  HP  DAT  72h  tape  backup  solution  without  ever  interrupting  server  operation.  The  DL380  and  DAT  72h 
also  feature  space-saving  designs,  and  server  management  is  easy  yet  robust  thanks  to  our  ProLiant  Essentials  Software.  Demand  more  uptime  and  more  real 
performance  from  a  server.  And  demand  more  value,  from  HP. 


HP  ProLiant  DL380 
G3  SERVER 


$2,349 

after  400  slant  savings* 

One  Intel®  Xeon,M  processor  3.06GHz  with 
512KB  cache  (upgradable  to  2  x  3.20GHz) 

1GB  PC2100DDR  SDRAM  (12GB  aximum)* 

I  Integrated  Lights-Out  (iLO) 
management  (standard) 

I  ServerWorks  GC-LE  Chipset 

I  Integrated  Smart  Array  5i  Plus  Controller 

I  Three  available  PCI-X  slots  (2  hot  pluggable) 

I  Two  NC7781  PCI-X  Gigabit  NICs  (embedded) 


Enhance  your  system. 


HP  Storage  Works  DAT  72  h 

HOT- PLUG  TAPE  DRIVE 

-  Industry-standard  DDS  technology 

”  Up  to  36GB  native  capacity  on  a  single 
tape,  72GB  at  2:1  compression* 

-  HP  StorageWorks  One-Button  Disaster 
Recovery  (OBDR)  restores  your  entire 
system  at  the  touch  of  a  button 

-  Up  to  3MB/s  native  data  transfer  rate, 
6MB/s  with  2:1  compression 

$1,349 

(after  $150  instant  savings)  * 


HP  ProLiant  DL  380  G3  offer  good  through  4/30/04. 


invent 


- —————— 

BUY  NOW 

Click  www.hp.com/go/prolianfesg2 

Ca  l  Toll  Free 

1-888-367-1949 
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Optical  Storage 
Sings  the  Blues 


EMERGING 

TECHNOLOGIES 


Blue-lasertechnology  will  dramatically 
increase  storage  densities  of  optical 
media  -  and  lower  costs.  BY  GARY  H.  anthes 


Even  IT  managers  can  get  the 
blues.  Or  at  least  that’s  what  a 
gaggle  of  vendors  are  hoping 
as  they  prepare  ultradense 
optical  storage  products 
based  on  blue-laser  technology. 

Conventional  optical  technologies 
such  as  CD,  DVD  and  magneto-optical 
(MO)  drives  write  data  using  red 
lasers.  But  makers  of  storage  systems 
and  recording  media  are  developing 
ways  to  read  and  write  using  more  effi¬ 
cient  blue  lasers.  Because  these  lasers 
operate  at  shorter  optical  wavelengths, 
they  can  write  more  data  in  the  same 
space  and  write  and  read  data  faster 
than  devices  that  use  red  lasers. 

Sony  Corp.  led  the  way  when  a  con¬ 
sortium  it  founded  last  fall  announced 
Blu-ray,  a  technology  that  can  write 
25GB  of  data  on  a  DVD-size  disc  (a 


standard  DVD  holds  4.7GB).  And  Cam¬ 
bridge,  England-based  Plasmon  PLC 
is  already  shipping  a  first-generation 
blue-laser  disc  drive  that  boosts  the 
capacity  of  a  5.25-in.  optical  disc  from 
9.1GB  to  30GB.  Plasmon  says  the  price 
per  gigabyte  of  its  drive  is  80%  lower 
than  the  prices  of  products  based  on 
conventional  red-laser  MO  technology. 

Competing  Camps 

Most  of  the  buzz  about  blue-laser  tech¬ 
nology  has  focused  on  the  consumer 
electronics  market,  where  blue-laser 
discs  are  seen  as  a  successor  to  DVDs. 
The  devices  could  also  be  used  for 
backing  up  desktop  PCs  or  archiving 
audio,  video  and  image  files. 

Two  industry  groups  are  promoting 
incompatible  formats:  Blu-ray  Disc 
Founders,  a  consortium  of  Japanese 


www.computerworld.com 


companies  led  by  Sony  and  recently 
joined  by  Hewlett-Packard  Co.  and 
Dell  Inc.;  and  the  DVD  Forum,  led  by 
Toshiba  Corp.  and  NEC  Corp. 

The  high-definition  DVD  (HD- 
DVD)  standard  promoted  by  the  DVD 
Forum  is  an  extension  of  red-laser 
technology  that  uses  the  same  disc 
form  as  conventional  DVDs.  Designed 
to  maintain  backward  compatibility 
with  existing  DVD  media,  it  uses  the 
same  bonded-disc  structure  as  the  cur¬ 
rent  red-laser  DVD  and  sandwiches 
the  recording  layer  between  two 
0.6mm-thick  plastic  layers.  A  single¬ 
layer  read-only  disc  has  a  capacity  of 
15GB,  and  a  dual-layer  disc  supports 
30GB. 

The  Blu-ray  standard  represents  a 
more  radical  departure  from  the  exist¬ 
ing  DVD  format.  While  the  disc  is  the 
same  size  as  a  DVD,  the  recording  layer 
sits  on  the  surface  of  a  1.1mm  substrate 
and  is  protected  by  a  special  coating.  A 
single-layer  BD-ROM,  as  the  Blu-ray 
Disc  Founders  call  it,  will  hold  25GB  — 
67%  more  than  an  HD-DVD  —  and  a 
dual-layer  disc  will  hold  50GB. 

Mike  Fidler,  a  senior  vice  president 
at  Sony,  says  the  company  will  have 
Blu-ray  media  in  both  write-once  and 
rewritable  formats  by  year’s  end  and 
will  ship  a  Blu-ray  disc  player  by  the 
end  of  2005.  Blu-ray  in  PCs  will  follow 
roughly  the  same  schedule,  he  pre¬ 
dicts.  “HP  and  Dell  look  at  this  from 
both  the  entertainment  and  data¬ 
storage  perspectives,”  he  says. 

Disc  Economics 

The  price  of  Blu-ray  and  HD-DVD 
drives  and  media  will  eventually  come 
down  to  the  levels  of  today’s  red-laser 
devices  and  media,  analysts  say,  but 
users  will  see  a  much  lower  net  cost 
per  gigabyte  of  data  stored.  And  that 
cost  will  continue  to  fall  as  storage 
densities  increase.  Today,  however, 
Sony  Blu-ray  recorders,  which  are 
available  only  in  Japan,  sell  for  $2,700. 
Discs  are  $23  each. 

It’s  not  clear  which  format  will  ulti¬ 
mately  prevail.  HD-DVD  has  lower  ca¬ 
pacity  but  is  less  costly  to  manufacture 
because  discs  can  be  made  using  exist¬ 
ing  DVD  production  equipment.  Blu- 
ray  proponents  counter  that  although 
their  manufacturing  processes  must 
be  changed  more  radically,  it  will  be 
cheaper  in  the  long  run  to  make  a  Blu- 
ray  disc  than  an  HD-DVD. 

Right  now,  PC  users  may  want  to 
place  their  bets  with  Blu-ray,  since  it’s 
the  only  blue-laser  format  to  be  en¬ 
dorsed  by  major  PC  makers  so  far. 

For  storage  administrators  who  care 
more  about  data  archiving  than  about 
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TECH  SPECS 


DVD  Optical  Disc 


Capacity  *  4.7GB  20GB  27GB 

Transferrate  11  Mbit/sec.  36  Mbit/sec.  36  Mbit/sec. 

Availability  Now  Early  2005  Late  2005 


SOURCE:  BLU-RAY  DISC  FOUNDERS  AND  DVD  FORUM  *  REWRITABLE  FORMAT 


5.25-in.  Optical  Disc 


RED- 

-LASER 

BLUE-LASER  (100%  OPTICAL) 

MAGENTO-OPTICAL 

PLASMON  UDO 

SONY PDD 

Capacity 

9.1GB 

30GB 

23GB 

Transfer  rate  (read) 

6MB/sec. 

8MB/sec. 

IIMB/sec. 

Cost/GB  (incl.  library) 

SOURCE:  PLASMON  PLC.  SONY  CORP 

$10 

$2 

NA 

downloading  high-definition  television 
footage,  other  blue-laser  technologies 
are  emerging.  For  years,  companies  in 
industries  such  as  financial  services, 
health  care,  insurance  and  publishing 
have  chosen  optical  media  for  archiv¬ 
ing  because  they’re  extremely  reliable 
and  long-lived.  And  because  they  can’t 
be  erased  or  rewritten,  optical  media 
meet  the  most  stringent  government 
requirements  for  records  retention. 

When  it  comes  to  enterprise  storage, 
the  amount  of  data  stored  on  optical 
media  will  remain  a  tiny  fraction  of  the 
amount  stored  on  magnetic  media  for 
the  foreseeable  future,  says  Peter 
Gere,  an  analyst  at  Enter¬ 
prise  Storage  Group 
Inc.  in  Milford, 

Mass.  But  he  pre¬ 
dicts  that  the  cost 
advantage  of  blue- 
laser  media  will  feed 
a  surge  in  popularity 
for  write-once,  read- 
many  optical  storage  in 
the  wake  of  new  regulations  and 
recent  litigation  related  to  data 
archiving. 

“IT  managers  are  hypersensitive  to 
the  risks  associated  with  poor  records 
management,  and  optical  storage  is  the 
poster  child  for  long-term  data  reten¬ 
tion,”  Gere  says.  “It  may  not  be  the 
fastest  or  the  most  cost-effective,  but  it 
is  the  best  media  right  now  in  terms  of 
ensuring  long-term  data  retention.” 
Plasmon’s  blue-laser  Ultra  Density 
Optical  (UDO)  technology  “has  really 
given  optical  a  new  life,”  he  adds. 

Optical  storage  is  likely  to  remain 
somewhat  more  costly  than  other  tech¬ 
nologies,  Gere  says.  “But  you  are  pay¬ 
ing  not  only  for  longevity,  but  also  for 
something  magnetic  media  can’t  pro¬ 
vide,  which  is  immutability,”  he  adds. 

Archiving  Applications 

UDO  drives  and  media  represent  an¬ 
other  application  of  blue  lasers,  one 
designed  specifically  for  professional 
data-archive  applications.  UDO  sys¬ 
tems  use  the  same  5.25-in.  disc  format 
as  conventional  MO  libraries,  but  they 
use  blue  lasers  and  can  store  3.3  times 
more  data  than  MO  discs  can.  Plasmon 
calls  UDO  a  successor  to  MO.  How¬ 
ever,  UDO  is  all-optical,  whereas  MO 
discs  support  magnetic  storage  on  one 
side  and  optical  on  the  other. 

Although  developed  and  promoted 
by  Plasmon,  the  UDO  specification 
was  formally  published  and  adopted  in 
January  by  Ecma  International’s  TC31 
Technical  Committee.  Ecma  is  an  in¬ 
dustry  association  based  in  Geneva. 

Although  Plasmon  sells  DVD  drives 


and  media,  Dave  DuPont,  Plasmon’s 
marketing  vice  president,  says  DVDs 
in  red-  or  blue-laser  formats  will  see 
very  little  corporate  use  because 
they’re  more  fragile  and  less  reliable 
than  UDO.  “We  are  finding  customers 
are  unhappy  with  DVD  because  be¬ 
cause  it  was  never  really  designed  as  a 
professional  archival  technology,”  he 
says.  “All  the  people  we  talk  to  want  to 
move  away  from  DVD  because  the  me¬ 
dia  is  of  uncertain  quality.” 

Last  month,  Plasmon  announced 
that  HP  will  use  UDO  drives  and  me¬ 
dia  in  Storage  Works  optical  libraries. 

The  5.25-in.  blue-laser  format  will 
gain  popularity  because  of  its  cost  ad¬ 
vantages  over  red-laser  MO  discs, 
says  DuPont.  A  new  market  is 
emerging  as  companies 
and  government 
agencies  demand  a 
way  to  store  surveil¬ 
lance-camera  images 
for  long  periods  of  time, 
not  just  for  a  few  days,  as 
was  common  before  the  recent 
rise  of  terrorism,  he  says. 

Digital  Storage  Solutions,  an  imaging 
systems  reseller  and  service  bureau  in 
Brentwood,  N.Y.,  scans  documents  for 
clients  and  archives  the  data  to  DVD 
or  MO.  Paul  Greene,  director  of  the 
company’s  storage  division,  says  he’ll 
migrate  to  UDO,  probably  this  year. 

“Traditionally,  MO  has  been  geared 
to  professional  archiving,  and  CD  and 
DVD  have  been  geared  to  consumer 
markets  because  the  cost  is  so  much 
lower  than  for  MO,”  he  says.  “Now, 
with  UDO,  you  get  a  much  higher  ca¬ 


pacity  per  disc  plus  much  higher  relia¬ 
bility  because  it’s  a  jacketed  media.” 

Greene  says  a  complete  UDO  system 
—  including  the  library,  media,  maga¬ 
zines  for  handling  the  media,  software 
and  maintenance  contract  —  will  cost 
just  slightly  more  than  a  DVD  storage 
system.  “You  may  pay  10%  more  up¬ 
front,  but  that’s  spread  over  the  life  of 
the  system,  and  you  get  much  more  re¬ 
liability  and  longevity,”  he  says. 

One  of  Greene’s  customers,  a  service 
bureau,  put  in  two  Plasmon  UDO  juke¬ 
boxes  a  month  ago  and  has  seen  flaw¬ 
less  performance  so  far,  he  says.  The 
Plasmon  units  relace  IBM  jukeboxes 
based  on  5.2GB  MO  discs.  The  service 
I  bureau’s  eight  jukebox  units  filled 


quickly,  and  they  have  been  expanded 
from  1.3TB  each  to  19TB  each,  Greene 
says.  And,  he  adds,  the  customer 
gained  about  30%  in  read  and  write 
speeds  over  MO. 

Sony  recently  announced  its  own 
line  of  5.25-in.  blue-laser  drives  and 
media,  called  Professional  Disc  for 
Data  (PDD),  but  Plasmon  is  the  clear 
leader  in  this  market,  Gere  says.  HP 
and  IBM  use  UDO  in  their  storage  sys¬ 
tems,  and  Plasmon  and  HP  have  94% 
of  the  optical  library  market.  So  far, 
only  Sony  supports  PDD.  “I’d  say  PDD 
is  a  niche  product  for  those  that  are 
loyal  Sony  customers,”  says  Gere.  “I 
don’t  see  any  major  systems  vendors 
lining  up  to  support  PDD.”  ©  46062 


Comparing  CD,  DVD  and  BD 
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Emerging  blue-laser  technology  will  increase  storage  density  by  a  factor  of  five  over  traditional  media.  The  photos  below  show  how  data  is  stored  on 
a  CD,  a  traditional  DVD  (center)  and  a  Blu-ray  disc  (right).  A  competing  standard,  HD-DVD,  can  hold  about  four  times  as  much  data  as  today’s  DVDs. 
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Data  Goes  Into  Action 


No  more  Information  lags.  Sybase  Real 
Time  Data  Services  proactively  pushes 
data  to  where  it's  needed,  when  it's 
needed,  in  the  form  it's  needed. 
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Data  Goes  To  The  Edge 

Real-time  data  everywhere.  Sybase 
mobile  middleware  and  mobile  databases 
enable  secure,  wireless  delivery  of 
relevant,  intelligent,  actionable  data. 


Data  Gets  A  Lot  Smarter 


Your  data  gets  smarter  every  step  of  the 
way.  Sybase  Integration  Orchestrator  links 
isolated  events  with  knowledge  and  then 
correlates  those  events  into  meaningful 
business  performance  metrics. 


Sybase  Real  Time  Data  Services 
can  help  your  enterprise 
become  smarter,  faster,  and  more 
responsive.  Implementing 
a  real-time  initiative?  Start  with 
our  new  White  Paper. 
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MATTERM 


Information  systems  will 
see  the  first  applications. 
By  Patrick  Thibodeau 
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WHAT  IS  IT?  Molecules, 
atoms  and  subatomic  parti¬ 
cles  that  can  be  manipulated 
into  memories,  logic  circuits 
and  whole  computers. 

WHAT’S  THE  BENEFIT? 

Systems  are  tiny,  ubiquitous 
and  cheap,  so  they  can  be 
used  to  deliver  drugs  inside  the 
body,  for  example,  or  to  create 
a  “smart"  adaptable  surface. 

HOW  DOES  IT  WORK? 

Electrochemical  systems 
self-assemble  and  are  pro¬ 
grammed  by  the  application 
of  electrical  charges. 


To  REALLY  under¬ 
stand  the  future, 
you  have  to  sus¬ 
pend  disbelief 
and  imagine  for  a 
moment  that  soft¬ 
ware  isn’t  just 

code  on  a  screen;  it’s  also  mat¬ 
ter.  It’s  physical  —  as  real  as 
the  chair  you  are  sitting  in. 
And  it’s  programmable. 

Programmable  mat¬ 
ter.  It’s  a  world  that  re¬ 
searchers  such  as 
Richard  Minn,  an 
electrical  engineer  at 
the  National  Institute 
of  Standards  and  Technology, 
are  building  —  one  artificial 
atom  at  a  time.  An  early  bene¬ 
ficiary  of  this  work  could  be 
information  systems. 

At  a  NIST  lab  in  Boulder, 
Colo.,  Minn  is  using  a  quan¬ 
tum  dot,  also  known  as  an  ar¬ 
tificial  atom  because  of  its  ca¬ 
pability  to  hold  an  electron  in 
place.  In  this  case,  the  electron 
is  placed  around  a  positively 


charged  particle.  They  com¬ 
bine,  annihilate  each  other 
and  emit  a  photon,  the  small¬ 
est  pulse  of  light. 

It’s  a  process  that  can  be 
controlled  to  create  a  “photon 
on  demand,”  or  something  akin 
to  a  binary  on/off  switch.  This 
ability  to  control  the  release  of 
photons  could  have  applica¬ 
tions  in  an  area  of  computer 
security  called  quan¬ 
tum  cryptography.  The 
government  is  interest¬ 
ed  in  it  because  the  use 
of  photons  encoded 
in  “quantum  states” 
to  communicate  between  a 
sender  and  receiver  is  “uncon¬ 
ditionally  secure.”  If  there  is 
any  eavesdropping  or  intercep¬ 
tion  of  the  message,  the  trans¬ 
mission  will  be  altered,  which 
ensures  detection. 

NIST,  as  well  as  researchers 
in  corporate  and  academic 
labs,  are  working  with  atoms 
and  subatomic  particles,  the 
building  blocks  of  all  matter, 


to  develop  quantum  cryptog¬ 
raphy  and  other  technologies. 

In  short,  the  software  itself 
is  the  material  structure:  It  is 
the  configuration  of  the  mole¬ 
cules,  atoms  and  electrons. 
Change  their  fundamental 
properties,  and  the  software 
is  changed. 

“In  order  to  program  at  this 
level,  you  have  to  move  the 
matter  —  there  is  just  no  way 
around  it,”  says  James  C.  El- 
lenbogen,  senior  principal  sci¬ 
entist  at  Mitre  Corp.’s  Nano¬ 
systems  Group  in  McLean,  Va. 
For  Ellenbogen,  this  is  “matter 
as  software.” 

Making  something  work  at 
nanoscales  pushes  current 
technology  to  its  limits  and 
beyond.  Chemists  have  long 
known  how  to  synthesize 
chemicals  at  an  atomic  level, 
but  combining  chemicals  alone 
doesn’t  make  a  computer. 

“Our  strategy  has  been  to 
make  some  very  simple  chem¬ 
ical  systems  that  self-assemble 


FUTURE 

WATCH® 


and  then  essentially  electrical¬ 
ly  download  complexity  into 
those  afterward,”  says  Philip 
Keukes,  a  senior  computing 
architect  in  quantum  science 
at  Hewlett-Packard  Co. 

HP  has  developed  a  nano¬ 
scale,  molecular-based  pro¬ 
grammable  device.  To  get 
an  idea  of  what  it  looks  like, 
imagine  a  sandwich.  One  layer 
is  wiring  that  is  approximately 
40  nm  across  —  a  nanometer 
is  one-billionth  of  a  meter  — 
going  north  and  south.  The 
peanut  butter  in  this  sandwich 
is  a  layer  of  chemically  creat¬ 
ed  molecules,  and  then  anoth¬ 
er  layer  of  wires  crosses  east 
and  west. 

This  creates  an  electro¬ 
chemical  cell,  which  can  be 
programmed  by  applying  elec¬ 
trical  charges.  That  opens  and 
closes  switches  in  the  chemi¬ 
cal  substrate  in  a  process  simi¬ 
lar  to  what  goes  on  in  dynamic 
RAM.  In  the  next  two  years, 
HP  hopes  to  develop  18Kbit 
memory  with  this  process, 
Keukes  says. 

These  memories  will  go 
into  systems  of  incredibly 
small  size  —  so  tiny  that  they 
can  be  embedded  in  a  piece  of 
paper,  used  to  deliver  drugs 
inside  the  body  and  included 
in  everyday  objects  such  as  a 
child’s  crib  to  detect,  for  in¬ 
stance,  a  baby  in  distress. 

Smart  Matter 

These  systems  are  also  called 
“smart  matter”  because  they 
have  some  computational 
capability  and  can  be  pro¬ 
grammed  to  change  shape. 
Dolphins,  for  instance,  can 
swim  very  quickly  because 
they  are  able  to  change  the 
microstructure  of  their  skin  as 
water  flows  by  it.  Similar  tech¬ 
nologies  could  be  developed 
for  airplane  and  ship  surfaces 
to  respond  to  environmental 
changes  using  smart  matter 
that’s  programmed  to  change 
shape,  say  researchers. 

Creating  such  technology 
involves  vast  research  across 
many  institutions.  At  Palo  Alto 
Research  Center  Inc.  (PARC), 
work  is  under  way  to  get  smart 
matter  to  behave  in  a  distrib¬ 
uted  way,  in  much  the  same 
way  cells  in  a  body  interact. 

“We’re  still  trying  to  catch 


up  with  evolution,  biological 
systems,”  says  Dave  Biegelsen, 
a  research  fellow  at  PARC  who 
is  focusing  on  principles  for 
getting  smart-matter  devices 
to  communicate  and  compute 
together. 

Step  further  into  the  future 
and  you  enter  a  world  envi¬ 
sioned  by  Wil  McCarthy,  chief 
technology  officer  of  Galileo 
Shipyards  LLC,  an  aerospace 
research  facility  in  Lakewood, 
Colo.,  and  author  of  Hacking 
Matter  (Basic  Books,  2004). 

In  McCarthy’s  view,  having 
the  ability  to  literally  program 
matter  creates  an  entirely  new 
technology  paradigm.  Imagine 
the  house  of  the  future:  Instead 
of  windows  consigned  to  a 
fixed  location,  the  owner  can 
move  them  around  by  chang¬ 
ing  different  parts  of  the  house 
from  opaque  to  transparent. 

This  house  would  include 
large  arrays  of  programmable 
dots  in  material  that  conducts 
electricity,  much  like  silicon- 
based  material  does  today.  But 
with  programmable  quantum 
dots,  McCarthy  says,  you  can 
create  metal  traces  inside  a 
solid  object,  create  an  electric 
circuit  to  perform  a  particular 
task  and  then  erase  it  once  it’s 
complete. 

But  major  research  hurdles 
exist.  For  instance,  while  re¬ 
searchers  are  starting  to  pro¬ 
duce  some  nanoscale  compo¬ 
nents,  getting  those  compo¬ 
nents  to  interact  with  existing 
applications  and  silicon-based 
systems  remains  a  major  chal¬ 
lenge,  says  Howard  Davidson, 
a  distinguished  engineer  at 
Sun  Microsystems  Inc.’s  labo¬ 
ratories.  Researchers  are  mak¬ 
ing  progress,  but  Davidson 
believes  the  first  complete 
nanocomputers  that  can  con¬ 
nect  to  traditional  applica¬ 
tions  or  systems  are  20  years 
off.  Regarding  the  world  Mc¬ 
Carthy  envisions,  where  mat¬ 
ter  can  be  changed  in  almost 
anything,  Davidson  says  he 
believes  the  technology  prob¬ 
lems  may  be  insurmountable. 
O  46099 


MATTER  AS  SOFTWARE 
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Failure  to  Communicate 
Dooms  IDS  Alert  Process 


An  early  warning  goes  unheeded,  SQL 
Slammer  worms  its  way  in,  and  all  hell 
breaks  loose.  By  Mathias  Thurman 


OUR  INTRUSION-deteC- 
tion  system  consists 
mostly  of  PCs  that  act 
as  network  sensors  by 
running  Snort  open-source 
software.  The  IDS  worked 
very  well  in  giving  us  an  early 
warning  of  an  impending  SQL 
Slammer  attack  a  few 
weeks  ago.  But  com¬ 
munication  between 
my  group  and  the  op¬ 
erations  group  broke 
down,  turning  what 
should  have  been  a 
minor  issue  into  a 
major  problem.  Now  manage¬ 
ment  is  talking  about  merging 
remediation  responsibilities 
into  my  small  group  —  some¬ 
thing  we’re  not  prepared  to 
handle. 

We  have  more  than  25  IDS 
sensors  across  our  network 
worldwide,  and  we  can  see 
about  90%  of  the  company’s 
internal  network  traffic.  The 
remaining  10%  comes  from 
our  engineering  labs  and  re¬ 
mote  sales  offices,  which  we 
plan  to  monitor  as  soon  as  we 
can  get  the  resources. 

Our  IDS  gives  us  a  unique 
view  into  our  network.  We’re 
the  only  IT  organization  in  the 
company  that  can  see  all  traf¬ 
fic  as  it  enters  and  leaves  the 
network  and  examine  it  at  the 
packet  level.  With  this  com¬ 
prehensive  view,  it’s  not  sur¬ 
prising  that  we  were  the  first 
to  observe  initial  SQL  Slam¬ 
mer  activity. 

The  Slammer  worm  entered 
our  network  via  an  unpatched 
server  in  one  of  our  engineer¬ 
ing  labs.  The  person  monitor¬ 
ing  the  IDS  noticed  outbound 
traffic  consistent  with  SQL 
Slammer  at  about  7:30  one 
morning  and  traced  it  back  to 
a  lab  server.  The  staffer  sent 


an  e-mail  that  included  details 
on  the  suspected  traffic  and 
followed  up  with  a  phone  call 
and  a  voice-mail  message. 

The  operations  group  gets 
so  many  e-mails  that  if  you 
don’t  let  it  know  you’ve  sent 
something  important,  the  mes¬ 
sage  might  get 
missed.  That’s  exact¬ 
ly  what  happened 
this  time.  The  e-mail 
alert  wasn’t  read, 
and  our  voice  mes¬ 
sage  wasn’t  retrieved 
in  time  to  block  the 
attack.  A  few  hours  later,  we 
found  ourselves  dealing  with  a 
massive  number  of  reports  of 
network  and  server  problems. 

The  Repercussions 

Although  the  SQL  Slammer 
worm  was  initially  released  in 
January  2003,  variations  of  it 
continue  to  float  around  the 
Internet.  Meanwhile,  people  at 
my  company  are  still  deploy¬ 
ing  new  servers,  especially  in 
lab  environments,  without  the 
proper  patches  and  service 
packs  installed.  That  leaves  us 
vulnerable  to  Slammer  and 
many  other  exploits. 

The  consequences  have 


Now  management 
is  talking  about 
merging  remediation 
responsibilities  into 
my  small  group  - 
something  we’re  not 
prepared  to  handle. 


been  costly.  During  this  latest 
incident,  we  had  to  configure 
access-control  lists  on  key 
routers  in  order  to  mitigate 
the  attack,  which  required  the 
services  of  15  to  20  people  for 
many  hours.  If  the  machines 
had  been  patched,  there 
might  not  have  been  an  in¬ 
cident  at  all. 

But  even  with  the  machines 
unpatched,  better  communica¬ 
tion  and  a  more  timely  re¬ 
sponse  to  our  initial  warning 
would  have  kept  the  problem 
from  escalating. 

My  team  and  I  are  trying 
to  address  the  lab  vulnerabili¬ 
ty.  Since  we  have  limited  con¬ 
trol  over  how  the  lab  builds 
servers,  we’re  in  the  process  of 
deploying  a  device  between 
the  lab  and  corporate  network 
segments  that  will  offer  URL 
filtering,  virus  scanning  and 
some  firewall  protection. 

We  also  plan  to  address  the 
communication  and  reporting 
problem  by  deploying  a  data- 
correlation  tool  to  send  alerts 
to  a  more  manageable  console, 
instead  of  through  unreliable 
e-mails. 

Surprise  Solution 

We  weren’t  the  only  ones  com¬ 
ing  up  with  solutions,  howev¬ 
er.  After  we  regained  control 
of  the  situation,  the  IT  securi¬ 
ty  group  received  an  e-mail 
from  a  high-level  manager 
suggesting  that  we  be  the  cen¬ 
tral  point  of  contact  for  all 
virus-related  activity  and  that 
we  should  be  responsible  for 
managing  and  creating  all  in¬ 
cident  reports  for  viruses. 

This  made  sense,  he  argued, 
since  my  team  has  consistent¬ 
ly  been  the  first  responder 
whenever  malicious  code  has 
appeared  on  our  networks. 

While  we  were  grateful  for 
the  recognition,  the  manager’s 
e-mail  was  also  of  concern  to 
us  and  the  cause  of  much  dis¬ 
cussion.  On  one  hand,  we’re 


in  the  best  position  to  detect 
malicious  activity  within  the 
network,  and  we  can  provide 
the  most  meaningful  informa¬ 
tion  on  issues  ranging  from 
viruses  to  hacking  activity.  But 
we  don’t  feel  that  our  small 
group  should  be  responsible 
for  managing  every  virus  once 
it  has  been  detected. 

We  should  handle  some  in¬ 
cidents.  For  example,  if  we’re 
presented  with  information 
indicating  that  someone  has 
purposefully  introduced  mali¬ 
cious  code  into  our  network 
or  written  a  virus,  that  would 
be  different.  But  with  some 
guidance  from  the  security 
group,  the  desktop-support 
group  has  traditionally  han¬ 
dled  viruses  very  well. 

Given  our  staff  size  and 
abilities,  our  group  should  be 
used  as  a  resource  for  detect¬ 
ing  problems.  But  remediation 
should  continue  to  be  handled 
by  other  groups.  Because  of 
our  limited  resources,  manag¬ 
ing  virus  problems  would  con¬ 
sume  most  of  our  time  and 
hurt  our  ability  to  attend  to 
other  security-related  matters. 
This  is  also  a  politically  hot 
turf  issue.  We  need  to  respond 
very  carefully,  so  as  not  to 
alienate  our  peers  in  the  other 
IT  operations  groups. 

We’re  hoping  to  come  up 
with  a  combination  of  training 
and  tools  so  we  can  offload 
as  many  operational  security 
tasks  as  possible  to  these  other 
groups.  Then  we  can  stay  fo¬ 
cused  on  what  we  do  best:  IT 
security  engineering,  architec¬ 
ture  and  consulting.  I 

WHAT  DO  YOU  THINK? 

This  week's  journal  is  written  by  a  real  securi¬ 
ty  manager.  "Mathias  Thurman,”  whose 
name  and  employer  have  been  disguised  tor 
obvious  reasons.  Contact  him  at  mathias_ 
thurman@yahoo.com,  or  join  the  discussion 
in  our  forum.  QuickLink  a1590 

To  find  a  complete  archive  of  our 
Security  Manager's  Journals,  go  online  to 

O  computerworld.com/secjournal 
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Security  Bookshelf 

■  Designing  Network  Securi¬ 
ty,  Second  Edition,  by  Merike 
Kaeo;  Cisco  Press,  2003. 

At  first  glance,  this 
book  appears  to  fo¬ 
cus  on  Cisco  prod¬ 
ucts.  Indeed,  many 
of  the  diagrams  are 
typical  of  what  you’d 
see  in  a  Cisco  shop, 
but  the  first  eight 
chapters  offer  very 
useful  and  non-ven¬ 
dor-specific  security  best 
practices.  The  other  chapters 
are  Cisco-centric,  however, 
and  focus  on  vendor-specific 
device  configurations  and  im¬ 
plementation  examples. 

This  edition  also  covers 
public-key  infrastructure  and 
wireless.  It  even  has  informa¬ 
tion  on  802.1x  switch-port 
authentication,  which  I  found 
interesting  because  my  com¬ 
pany  is  considering  imple¬ 
menting  this  new  technology. 
I’d  recommend  this  book  not 
only  for  Cisco  shops  but  also 
as  a  general  reference. 

-  Mathias  Thurman 


Web  Services 
Standard  Approved 

The  Organization  for  the  Ad¬ 
vancement  of  Structured  In¬ 
formation  Standards  has  rati¬ 
fied  the  Web  Services  Security 
standard.  WSS  1.0  specifies  a 
series  of  Simple  Object  Access 
Protocol  extensions  designed 
to  secure  the  confidentiality 
and  integrity  of  Web  services 
messages. 


Task  Force  Issues 
Security  Guidelines 

IT  vendors  should  improve  de¬ 
fault  security  settings  in  their 
products,  a  committee  of  the 
National  Cyber  Security  Part¬ 
nership  Task  Force  said  in  a 
report  on  technical  standards. 
The  group  has  asked  vendors 
to  provide  stronger  “out-of- 
the-box”  security  configura¬ 
tions  and  to  support  at  least 
one  configuration  profile  that 
provides  a  baseline  security 
level.  The  report  is  available  at 
www.cyberpartnership.org/ 
TF4TechReport.pdf. 
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Microsoft  Previews 
SP1  for  OneNote 

Microsoft  Corp.  last  week  an¬ 
nounced  a  preview  release  of  its 
Office  OneNote  2003  Service 
Pack  t.  SP1  contains  technical 
updates  and  enhanced  features 
such  as  the  ability  to  copy  notes 
from  a  Pocket  PC  into  OneNote, 
increased  integration  with  Office 
2003  and  the  ability  to  pass- 
word-protect  notes,  according  to 
the  company.  Microsoft  said  the 
service  pack  is  based  on  cus¬ 
tomer  feedback.  The  preview 
can  be  downloaded  at  www. 
microsoft.com/office/onenote/ 
SP1.  The  final  release  of  SP1  is 
due  later  this  year. 


Workshare  Updates 
Content  Software 

Workshare  Technology  in  London 
has  announced  Version  3.5  of  its 
Workshare  3  content  change 
software.  Workgroups  that  use 
Microsoft  Word  and  e-mail  to  cre¬ 
ate  and  share  business  docu¬ 
ments  can  now  use  Version  3.5  to 
manage  suggested  changes  from 
multiple  users,  according  to  the 
company.  The  new  version  of 
Workshare  is  available  for  $300 
per  user  for  a  perpetual  license. 


D-Link  Offers 
WLAN  Video  Input 

O-Link  Corp.  in  Taipei,  Taiwan, 
has  announced  its  Wireless  Pre¬ 
sentation  Gateway,  an  adapted 
wireless  LAN  access  point  that 
serves  as  an  input  device  for  mul¬ 
timedia  projectors  or  LCD  flat- 
panel  screens.  The  Gateway 
hooks  up  to  a  projector  through  a 
standard  VGA  connector  and  re¬ 
ceives  and  displays  images  from 
any  802.11b/g-equipped  comput¬ 
er  within  a  range  of  100  to  200 
feet,  according  to  D-Link.  The  de¬ 
vice  supports  resolution  settings 
up  to  1,024  by  758  pixels  and  up 
to  24-bit  color  depth.  The  Gate¬ 
way  includes  software  that  allows 
multiple  presenters  one-click  ac¬ 
cess  to  a  projector.  The  product  is 
available  now  for  a  suggested  re¬ 
tail  price  of  $299. 
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Invest  in  an  Antispam 

System  Now 


IN-BOXES  ARE  CLUTTERED  with  mounds  of 

spam,  and  companies  such  as  Brightmail,  Cipher- 
Trust  and  Postini  are  offering  products  to  clean 
up  the  dreck.  None  of  them  will  completely  rid 
your  users’  systems  of  unwanted  e-mail,  but  if 
you  aren’t  already  running  up-to-date  antispam  tech¬ 
nology  in  your  company,  get  some  immediately.  It’s 
among  the  best  quick-payback,  attaboy-producing 


purchases  you  can  make. 

Antispam  systems  com¬ 
bine  hard-core  networking 
with  linguistic  analysis,  ma¬ 
chine  learning  and  other 
near-AI  techniques.  Almost 
no  buyer  (or  analyst)  is  con¬ 
versant  with  all  of  those 
technical  disciplines.  Fortu¬ 
nately,  most  leading  anti¬ 
spam  vendors  offer  reliable 
products  or  services.  Just 
make  sure  that  the  antispam 
system  you  choose  boasts 
the  following  attributes: 

At  least  90%  effectiveness.  That  is,  the 
amount  of  spam  that  gets  past  your 
spam  blocker  —  a.k.a.  the  false  negatives 
—  should  be  under  10%.  Effectiveness 
levels  above  98%  are  not  unheard  of, 
but  figures  of  93%  to  95%  seem  to  be 
more  common.  These  rates  should  be 
achievable  with  little  or  no  user  “train¬ 
ing”  of  the  system. 

Minimal  false  positives.  The  number  of 
legitimate  personal  or  business  e-mails 
erroneously  blocked  as  spam  should  be 
effectively  zero.  Otherwise,  your  users 
have  to  check  spam  quarantines  for 
messages  that  might  have  gone  astray.  But 
if  end  users  are  even  briefly  checking 
every  spammy  e-mail,  you’ve  pretty  much 
lost  the  benefit  of  antispam  technology. 

The  ability  to  obtain  many  sample  spam  mes¬ 
sages  quickly.  Without  that  raw  data,  ven¬ 
dors  can’t  keep  pace  with  the  spammers. 

Prompt  and  easy  updates  of  spam-filtering 
rules.  Ideally,  such  rules  are  updated  at 
least  hourly. 

All  decent  spam-blocking  systems 
filter  spam  according  to  a  variety  of 


spam-spotting  rules.  The 
best  combine  several  ap¬ 
proaches  to  filtering,  such 
as  the  following: 

■  Blocking  messages  from 
specific  senders.  A  lot  of 
spam  is  sent  from  virus-  or 
worm-infested  machines 
that  have  been  temporarily 
hijacked  by  spammers. 
These  can  often  be  identi¬ 
fied  and  their  mail  blocked 
until  the  machines  have 
been  disinfected. 

Filters  also  block  mail 
from  some  Internet  service  providers 
that  are  known  to  be  overly  spam- 
friendly. 

■  Blocking  specific  spam  campaigns. 

A  serious  antispam  vendor  has  access  to 
multiple  sources  of  spam.  It  will  often 
have  a  broad  variety  of  dummy  mailbox¬ 
es  that  can  be  found  by  spammers  but 
receive  no  legitimate  e-mail.  Thus,  any¬ 
thing  sent  to  those  mailboxes  is  known 
to  be  spam.  If  spam  gets  past  a  blocker, 
customers  can  forward  it  to  the  vendor 
to  help  them  block  it  the  next  time. 

Once  a  message  has  been  identified  as 
spam,  a  rule  can  be  created  to  block  oth¬ 
er  copies  of  that  spam.  At  least,  that’s  the 
ideal.  Spammers  randomize  almost 
every  aspect  of  their  messages,  making  it 
very  difficult  to  know  whether  two 
spams  are  the  same. 

Flowever,  there’s  one  thing  spammers 
usually  can’t  randomize:  the  call  to  ac¬ 
tion.  For  example,  if  the  spammer  wants 
you  to  click  on  a  URL,  that  address  is 
likely  to  be  found  in  all  —  or  at  least 
I  many  —  copies  of  the  e-mail. 
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■  Blocking  messages  that  include 
common  spam  indicators.  Messages 
about  Viagra,  body-part  enlargement, 
work- at-home  opportunities  and  so  on 
are  probably  spam.  So  are  messages 
about  v!a-gra,  wrkfng  at  hmoe  and  the 
like.  Indeed,  some  of  the  best  indicators 
of  spam  are  various  techniques  spam¬ 
mers  use  to  obfuscate  the  text  of  their 
messages,  such  as  deliberate  mis¬ 
spellings,  small  fonts,  white  fonts, 
HTML  comments  and  words  within 
graphic  images. 

Not  all  serious  antispam  vendors  use 
all  of  these  techniques.  For  example, 
there’s  strong  disagreement  about 
whether  campaign-specific  filtering 
rules  are  needed.  But  it’s  certainly  neces¬ 
sary  to  use  a  variety  of  rules  in  the  anti¬ 
spam  version  of  defense  in  depth. 

For  the  most  part,  spammers  are  tech¬ 
nically  sophisticated  criminals  and  could 
find  a  work-around  to  any  particular  rule 
or  rule  type  at  any  time.  Thus,  effective 
antispam  software  has  from  10,000  to 
50,000  rules  or  more,  which  are  com¬ 
bined  to  calculate  an  aggregate  spam- 
indication  score. 

Challenge-response  systems  are 
an  alternative  to  filtering  as  a  spam¬ 
fighting  strategy,  but  I  suspect  they’ll 
never  work.  The  idea  here  is  that  when 
you  get  an  e-mail  from  an  unknown 
sender,  your  software  automatically 
sends  a  “challenge”  e-mail  back,  which 
the  sender  then  has  to  answer  before 
you’ll  accept  his  first  e-mail.  A  chal¬ 
lenge-response  system  will  always  be 
prone  to  false  positives,  such  as  when 
mail  comes  from  automated  senders  or 
from  people  who  have  their  own  chal¬ 
lenge-response  systems.  Such  a  system 
could  also  annoy  possible  customers 
trying  to  contact  you. 

For  the  foreseeable  future,  you  should 
rely  on  filter-based  antispam  systems, 
and  you  should  install  one  now.  U  do-t’n 
haave  to  drrown  ]n  $paam  anym-oore! 
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Your  role  is  expanding. 

As  business  infrastructure  moves  to  the  forefront,  your  company 
relies  on  you  to  keep  existing  systems  at  peak  performance  while 
tackling  a  broad  range  of  new  requirements.  Securing  wireless 
networks,  implementing  collaboration  technologies,  improving 
regulatory  compliance,  ensuring  business  continuity — all  while 
doing  more  with  less. 

Enterprise  challenges  demand 
end-to-end  solutions. 

As  networking  and  communications  professionals,  you  need  to 
focus  on  an  end-to-end,  system-wide  approach  when  building 
and  optimizing  your  business  infrastructure: 

»  Security  »  Performance 

»  Wireless  »  Data  Center  and  Storage 

»  Collaboration  and  VoIP  »  Infrastructure  and  Services 
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Put  it  all  together. 

Only  NetWorld+Interop  brings  you  the  latest  strategies,  techniques 
and  products  for  every  point  in  your  infrastructure — and  shows 
you  how  they  can  add  up  to  an  integrated,  end-to-end  solution 
that  meets  every  requirement  on  your  list. 

Make  the  connection  at  NetWorld+Interop. 

For  17  years,  NetWorld+Interop  has  helped  networking 
professionals  take  their  enterprises  and  their  careers  to  the  next 
level.  At  NetWorld+Interop  Las  Vegas  2004,  you'll  make  the 
industry's  best  ideas  and  latest  technologies  relevant  to  your 
needs,  and  discover  that  even  the  toughest  networking  challenge 
is  all  in  a  day's  work. 


NETWORLD 

INTEROP 

LAS  VEGAS  •  MAY  9-14,  2004 

EXHIBITION:  MAY  11-13,  2004 

A  MediaLive’ 

9  INTERNATIONAL 


Copyright  ©  2004  MediaLive  International,  Inc.,  795  Folsom  Street,  6th  Floor,  San  Francisco,  CA  94107.  All  Rights  Reserved.  MediaLive  International,  Networld,  Interop,  and  associated  design  marks  and  logos  are  trademarks  or 
service  marks  owned  or  used  under  license  by  MediaLive  International,  Inc.,  and  may  be  registered  in  the  United  States  and  other  countries.  Other  names  mentioned  may  be  trademarks  or  service  marks  of  their  respective  owners. 


End-to-End  Networking  and  Communications  Event 


lUNMEMEHT 


ElS&tii&i 


04.26.04 


Q&A 

Introverted  Technologists 


Author  and  consultant  Naomi  Karten  has 
advice  for  introverts  who  want  their  IT  ca¬ 
reers  to  prosper  in  an  extroverted  business 
world.  The  first  step  is  to  view  introversion 
as  a  positive  trait,  not  an  affliction.  Page  34 


OPINION 

How  to  Make  Better  Decisions 

Stressed  out?  Sue  Young  explains 
how  you  can  put  yourself  in  a  better 
frame  of  mind  to  make  solid  deci¬ 
sions  and  seize  opportunities,  even 
in  the  midst  of  IT  chaos.  Page  37 


‘SPEND  MANAGEMENT’ 

SOFTWARE  AND  SERVICES 
CAN  REGAIN  CENTRALIZED 
CONTROL  OVER  COMPANY 
EXPENDITURES  AND  YIELD  BIG 
SAVINGS.  BY  CONNIE  WINKLER 


THEY  WEREN’T  BAD  GUYS.  The  18% 

of  Kennametal  Inc.’s  employees  who 
ordered  PCs  or  paper  clips  locally,  out¬ 
side  the  purchasing  office’s  control, 
thought  they  were  doing  the  right 
thing.  But  these  so-called  maverick 
buyers  were  big  spenders  —  too  big. 

“They  weren’t  doing  anything  wrong 
but  simply  what  they  felt  was  the  best 
way  to  source,”  says  Jim  Cebula,  direc¬ 
tor  of  global  purchasing  and  travel  at 
the  $1.8  billion  Latrobe,  Pa.-based  tool 
maker,  which  has  50  manufacturing 
plants  and  13,000  employees 
worldwide. 

Intentions 
aside,  the  mav¬ 
ericks  needed 
reining  in  because  they 
weren’t  getting  the  volume  discounts 
and  efficiencies  that  come  from  con¬ 
solidating  spending  with  preferred 
suppliers  under  negotiated  contracts. 
Kennametal  didn’t  know  how  much 
it  was  spending,  or  on  what,  or 
with  whom. 

So  the  company  began  streamlining 
purchasing  operations,  bringing  in 
“spend  management”  tools  and  ser¬ 
vices  from  Ketera  Technologies  Inc.  in 
Santa  Clara,  Calif.  “The  spend  [analy¬ 
sis]  allowed  us  to  understand  where 
we  hadn’t  concentrated  our  spend  in  a 
given  category  . . .  and  who  wasn’t  buy¬ 
ing  on  contract,”  Cebula  says. 

Through  gentle  encouragement,  Ce¬ 
bula  now  has  80%  of  employees  buying 
off  the  nationwide  office-supplies  con¬ 
tract.  And  he  can  analyze  purchases  by 
category.  For  example,  he  could  break 
out  computer  purchases  and  separate 
laptops  from  servers. 

Kennametal  experienced  a  150% 
return  on  investment  from  its  spend 
management  effort  in  the  first  year, 


Choosing  the  Best  Side  Roads 

CIOs  disclose  where  and  how  profes¬ 
sionals  with  cubicles  in  IT  and  exec¬ 
utive  aspirations  can  acquire  the 
corporate  and  business  knowledge 
they  need  to  succeed.  Page  33 


OUTRAGEOUS  SUMS 
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Spend  management  tools  may  help 
companies  comply  with  the  Sarbanes- 
Oxley  Act,  especially  the  coming  require¬ 
ment  for  companies  to  report  significant 
events  affecting  their  finances.  For  ex¬ 
ample,  the  software  can  help  identify  ex¬ 
traordinary  expenditures  such  as,  say, 
million-dollar  artwork  purchases  for  the 
CEO’s  New  York  town  house. 

“If  you  have  a  spend  category  of 
office  furnishings  [that's  typically] 
$100,000  per  month  and  suddenly  it’s 
$2.7  million,  you  need  to  understand 
exactly  what  happened  in  that  catego¬ 
ry,”  says  John  Sharman,  a  global  pro¬ 
curement  expert  with  IBM’s  Business 
Consulting  Services. 

-  Connie  Winkler 


although  Cebula  acknowledges  that 
will  be  hard  to  repeat.  And  instead  of 
chasing  lost  invoices  or  maverick  buy¬ 
ers,  the  company’s  purchasing  staffers 
can  now  handle  more  value-added 
work,  such  as  negotiating  better  prices 
or  finding  new  suppliers. 

In  far  too  many  companies,  the  tradi¬ 
tional  purchasing  department  handles 
only  20%  to  25%  of  spending,  with  the 
rest  handled  by  other  departments, 
says  Tahseen  Ali,  CEO  of  Verian  Tech¬ 
nologies  Inc.,  a  spend  management 
software  vendor  in  Charlotte,  N.C.  And 
the  data  about  spending  tends  to  be 
stored  in  various  departmental  silos, 
instead  of  being  aggregated  and  prop¬ 
erly  managed. 

The  analytic  portion  of  spend  man¬ 
agement  software  pulls  expenditure 
data  from  financial  and  ERP  systems 
and  sorts  it  by  category.  (While  it’s 
possible  to  extract  such  financial  data 
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from  existing  systems  manually,  that’s 
a  lengthy,  costly  and  error-prone 
process.)  With  this  aggregated  data, 
companies  can  reduce  the  number  of 
suppliers  and  payment  methods,  iden¬ 
tify  off-contract  spending  and  general¬ 
ly  consolidate  contracts  on  a  corporate 
(and  sometimes  global)  level. 

Gaining  Visibility 

“Companies  buy  spend  management 
or  spend  analytics  to  get  visibility  into 
what  they’re  spending.  The  next  step  is 
to  improve  that  process,”  says  Michael 
Dominy,  an  analyst  at  The  Yankee 
Group  in  Boston.  Spend  management 
is  a  subset  of  what  Yankee  Group  calls 
“supplier  relationship  management,” 
one  of  the  fastest  growing  portions  of 
IT  budgets. 

So  why  is  spend  management  hot? 
“We’re  coming  out  of  two  to  three 
years  [of  economic]  downturn.  Com¬ 
panies  are  looking  for  other  areas  to 
squeeze  because  if  they  can  save  $1 
million,  that  goes  right  to  the  bottom 
line,”  says  Michael  Schmitt,  chief  mar¬ 
keting  officer  at  e-procurement  firm 
Ariba  Inc.  in  Sunnyvale,  Calif.  These 
companies  have  already  exhausted  the 
quick-fix  responses  to  the  business 
downturn:  cutting  staff,  selling  off  as¬ 
sets  and  reducing  inventories. 

At  Vought  Aircraft  Industries  Inc.  in 
Dallas,  maverick  spending  wasn’t  the 
only  problem,  although  in  one  category, 
employees  were  purchasing  from  more 
than  25  sources  when  the  company  al¬ 
ready  had  a  preferred  supplier.  Even 
worse  was  that  the  maverick  buyers 
were  paying  suppliers  in  different 
ways,  including  standing  purchase  or¬ 
ders,  credit  card,  online  procurement 
and  ad  hoc  purchase  orders. 

Because  of  the  different  payment 
methods  (tallied  in  different  silos), 
Vought  didn’t  realize  how  much  it  was 
actually  spending  with  individual  ven¬ 
dors,  thus  it  missed  out  on  discounts 
and  wasted  time,  effort  and  money 
printing  checks,  transferring  funds  and 
accounting  for  all  the  purchases. 

At  Vought,  the  maverick  buyers  like¬ 
ly  had  reasons  to  be  confused:  The 
company  had  accumulated  a  hodge¬ 
podge  of  systems  and  processes  from  a 
variety  of  acquisitions  and  its  mid- 
2000  divestiture  from  Northrop  Grum¬ 
man  Corp. 

“We  were  capturing  tremendous 
amounts  of  data  about  purchasing,  but 
we  had  a  fractured  view  of  this  activi¬ 
ty,”  recalls  Pam  Stewart,  administrator 
of  e-procurement  at  Vought.  Prior  to 
using  the  Ketera  spending  tool,  “we 
never  rolled  everything  together,  so  all 
of  a  sudden  we  qualified  for  greater 
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discounts  with  suppliers,”  she  says. 

That  was  especially  important  be¬ 
cause  of  hard  times  in  the  aerospace 
industry.  “The  financial  aspect  was  im¬ 
portant;  we  weren’t  interested  in 
staffing  up  to  do  catalog  creation  and 
maintenance  ourselves,”  Stewart  adds. 

Like  Kennametal,  Vought  turned 
to  the  Web-based  hosted  service 
from  Ketera,  which  creates  and  main¬ 
tains  the  catalog  of  suppliers  from 
which  employees  can  purchase  office, 
safety  and  janitorial  supplies.  Ketera 
handles  all  the  updates  and  supplier 
links,  while  employees  use  an  interface 
on  their  systems  that  resembles 
Amazon.com’s. 

About  200  of  Vought’s  6,000  em¬ 
ployees  have  access  to  the  Ketera  sys¬ 
tem,  including  five  in  the  purchasing 
department.  “It’s  just  not  our  culture 
to  open  the  system  up  to  everyone,” 
Stewart  says. 

Low-Hanging  Fruit 

Maintaining  the  savings  from  spend 
management  is  the  challenge  for 
Kendall  Mills,  group  director  of  world¬ 
wide  procurement  at  Cadence  Design 
Systems  Inc.,  a  $1.1  billion  provider  of 
electronics/semiconductor  design 
software  and  services  in  San  Jose.  Ca¬ 
dence  shaved  $6  million  off  all  pur¬ 
chases  —  which  went  directly  to  the 
bottom  line,  Mills  notes  —  in  the  first 
18  months  after  installing  a  spending 
control  suite  from  Softface  Inc.  in  Wal¬ 
nut  Creek,  Calif.  Softface  was  recently 
purchased  by  Ariba. 

Prior  to  using  the  Softface  product, 
procurement  staffers  manually  extract¬ 
ed  data  from  the  SAP  ERP  system  and 
poured  it  into  spreadsheets.  That 


process  could  take  as  long 
as  three  months  just  to 
track  50  commodities, 
and  it  was  error-prone, 

Mills  says. 

“What  helps  is  that 
we’re  now  looking  at 
100%  of  our  spend,  not 
just  certain  key  cate¬ 
gories,”  Mills  says.  “On 
the  contract  compliance 
side,  when  we  see  spend  going  up,  we 
head  it  off  quickly.”  The  software 
helped  Cadence  cut  the  number  of 
suppliers  it  uses  from  8,000  to  2,000, 
he  says. 

“We’re  still  achieving  savings  regu¬ 
larly,  but  it’s  getting  harder  as  all  the 
low-hanging  fruit  is  gone,”  Mills  says. 

Working  With  IT 

Companies  typically  consult  their  IT 
departments  about  their  spend  man¬ 
agement  plans,  but  the  technology 
doesn’t  require  heavy  work  from  IT. 
“That  these  solutions  can  cut  20%  off 
expenses  and  can  be  up  and  running 
within  a  matter  of  weeks  and  require 
very  little  involvement  from  your  IT 
department ...  is  compelling  all  the 
way  up  to  the  CEO,”  says  Ian  Sullivan, 
a  vice  president  at  Perfect  Commerce 
Inc.,  a  Lee’s  Summit,  Mo.-based  pro¬ 
curement  network. 

At  Owens  Corning,  the  e-sourcing 
group  worked  closely  with  IT,  says 
James  Hawkins,  e-sourcing  process 
leader.  “Shoulder  to  shoulder,  we  went 
after  the  best  tool  for  us,  narrowing  it 
to  two  vendors,  one  with  a  hosted  so¬ 
lution  and  one  without,”  he  says. 
“Right  now  —  and  this  will  probably 
change  in  a  couple  of  years  —  we  pre¬ 


fer  the  hosted  solution 
because  it  keeps  the  work 
off  our  IT  team  for  up¬ 
grades  and  maintenance.” 

The  Toledo,  Ohio- 
based  maker  of  building 
and  composite  materials, 
with  an  estimated  $3  bil¬ 
lion  in  annual  expendi¬ 
tures,  signed  up  for  the 
expense  management  ser¬ 
vice  of  Emptoris  Inc.  in  Burlington, 
Mass.  So  far,  Owens  Corning  is  happy 
with  the  savings  and  expects  the  in¬ 
vestment  to  pay  off  in  the  first  year. 

Some  users  want  to  expand  spend 
management  into  more  complex  areas, 
such  as  managing  contracts  and  bench¬ 
marking  against  other  organizations. 
For  example,  Perfect  Commerce  has  a 
procurement  network  that  allows  par¬ 
ticipants  to  compare  price  ranges  to 
make  sure  they  aren’t  overpaying. 

“With  our  Open  Supplier  Network, 
which  processed  $3  billion  in  trans¬ 
actions  in  2003,  we  have  the  ability  to 
analyze  transactions  and  provide  that 
data  to  organizations,”  says  Sullivan. 
“We  can  say,  ‘For  the  commodities 
you’re  buying,  here’s  the  range  of  what 
others  on  the  network  are  paying  for 
like  goods  and  services.’  ” 

Catalog  Perils 

Of  course,  opening  up  all  these  online 
shopping  catalogs  to  “nonprofessional” 
purchasers  (who  may  decide  to  redec¬ 
orate  their  offices,  for  example)  has 
potential  perils.  Organizations  need 
policies  to  monitor  spending  as  well  as 
promote  efficiency  in  transactions. 

“The  Internet  makes  spending  mon¬ 
ey  very  easy  if  you  have  a  catalog,” 
says  John  Sharman,  a  global  procure¬ 
ment  expert  with  IBM’s  Business  Con¬ 
sulting  Services.  “All  of  sudden,  you 
see  this  world  of  things  that  you  [as]  an 
individual  could  be  spending  money 
on  —  it  doesn’t  matter  if  you’re  in  a  cu¬ 
bicle  or  home  office.” 

Finally,  there’s  the  pricey-pen  dan¬ 
ger:  “If  you’re  historically  getting  10% 
to  20%  off  list  price  for  office  supplies, 
and  you  aggregate  your  spend  to  a  sin¬ 
gle  supplier  to  get  40%  off,  that  doesn’t 
necessarily  mean  you’re  doing  a  better 
job  managing  office  supplies,”  warns 
Sharman.  “It  could  be  that  you  were 
getting  20%  off  Bic  pens,  and  now 
you’ve  negotiated  a  contract  to  get 
40%  off  Mont  Blanc  pens.  In  the  real 
world,  these  things  can  occur.” 

0  46087 


Winkler  writes  about  management  tech¬ 
nology  from  Seattle.  She  can  be  reached 
at  winklerconnie@yahoo.com. 


Vendors  of  spend  management  tools  fall  into 


these  broad  categories: 

Hosted  service  providers, 

such  as  Ketera  Technologies  and 
Emptoris 

E-procurement  vendors, 

such  as  Ariba  and  Perfect  Commerce 

ERP  software  vendors, 

such  as  SAP  AG  and  PeopleSoft  Inc. 

General  spend  manage¬ 
ment  software  vendors. 


Costs:  Vendors  say  that  the  software,  when  hosted  by  a  service  provider,  costs  about 
$100,000  per  year,  whereas  multiyear  software  licenses  and  projects  can  run  from 
$200,000  to  $700,000. 


such  as  Verian  Technologies,  Zycus  Inc. 
and  Softface 

Software  vendors  that 
focus  on  specific  expens¬ 
es,  such  as  professional  services, 
telephone  bills,  contract  labor  or 
support  services.  For  example,  seell- 
there.com  Inc.  specializes  in  managing 
the  cost  of  company  meetings. 


AMBA’S  UPGRADE 

Ariba  recently  upgraded  its  spend 
management  applications  to  help 
companies  monitor  expenses  for 
corporate  services,  such  as  legal 
help,  travel  and  marketing.  Best 
Buy  Co.  is  even  using  the  software 
to  manage  snow  removal: 
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ERP  projects 
CRM  projects 

Business  process  re-engineering 
projects 

IT  liaison  positions 
Business-unit  rotation  programs 


Jeff  Campbell  was  promoted 
to  CIO  at  The  Burlington 
Northern  and  Santa  Fe  Rail¬ 
way  Co.  (BNSF)  16  months 
ago,  after  masterminding  a 
complete  overhaul  of  the 
$9  billion  transportation 
company’s  global  procure¬ 
ment  and  sourcing  operation. 

Temple  University’s  Tim  O’Rourke 
spent  more  than  a  decade  as  the  uni¬ 
versity’s  comptroller  before  his  promo¬ 
tion  to  vice  president  for  computer 
and  information  services. 

As  IT  comes  to  permeate  virtually 
every  nook  and  cranny  of  large  enter¬ 
prises,  top  IT  executives  are  moving 
into  their  leadership  roles  from  other 
parts  of  the  business,  notably  finance 


(The  shortest  route  to  the  top  of  IT  1 
is  often  horizontal.  By  Julia  King  J 


and  operations.  For  organizations  with 
annual  revenue  exceeding  $1  billion, 
company  knowledge  is  the  most  im¬ 
portant  CIO  selection  criterion,  ac¬ 
cording  to  research  conducted  jointly 
in  2003  by  Computer  Sciences  Corp. 
and  Financial  Executives  International, 
a  professional  association. 

Even  CIOs  who  rose  through  the 
ranks  from  within  IT  point  to  an  indis¬ 
putable  need  for  much  deeper  business 
and  company  knowledge.  The  reason: 
“There’s  no  point  in  automating  some¬ 
thing  you  don’t  understand,”  says  Kim 
Perdikou,  CIO  at  Juniper  Networks  Inc. 
in  Mountain  View,  Calif.  “Before  you  get 
to  any  technology  solution,  you  have  to 
fully  understand  the  business  process.” 

Financial  acumen  and  razor-sharp 
negotiating  and  contracting  skills  also 
are  critical,  especially  as  companies 
opt  to  buy  more  and  more  IT  services 
from  outside  providers,  says  Campbell. 

“I  Firmly  believe  that  future  IT 
leaders  will  be  well-respected,  well- 
grounded  businesspeople  who  happen 
to  have  a  second  discipline  called  tech¬ 
nology,”  he  says.  “We  have  to  migrate 
from  being  doers  to  leaders  of  doers.” 

Acquiring  Executive  Expertise 

So,  where  and  how  can  IT  profession¬ 
als  with  executive  aspirations  acquire 
the  necessary  skills  and  knowledge 
from  their  cubicles  in  IT? 

At  Fort  Worth,  Texas- 
based  BNSF,  Campbell  has 
launched  a  formal  business- 
skills  training  program,  and 
each  one  of  the  company’s 
600  IT  professionals  will  go 
through  it  over  the  next  two 
to  three  years. 

“It  includes  intensive 
training  in  sourcing  and  sourcing  policy, 
support  and  contract  management,  and 
governance  practices,”  he  explains.  Ne¬ 
gotiation  training  and  “extensive  im¬ 
mersion  in  finances,  including  under¬ 
standing  the  time  value  of  money,  net 
present  value  and  how  and  why  to  in¬ 
vest  in  one  project  versus  another”  are 
all  part  of  the  training,  Campbell  says. 

Once  trained,  the  IT  workers  will  be 
assigned  to  one  of  the  company’s  busi¬ 
ness  units  for  12  to  18  months.  “We 
think  they’ll  return  to  us  much  more 
effective  technologists,  and  I  do  be¬ 
lieve  it’s  from  here  that  our  future  IT 
leaders  will  come,”  he  says. 

Dan  Sheehan,  CIO  at  Advo  Inc.  in 
Windsor,  Conn.,  is  primarily  using  IT 
employees  to  staff  a  new  35-person 
“business  competency  center”  at  the 
$1  billion  direct-mail  company.  People 
who  work  in  the  center  hold  the  title  of 
business  technologist.  “Project  man- 


“Before  you  get  to 
any  technology 
solution,  you  have  to 
fully  understand  the 
business  process.” 

Kim  Perdikou,  CIO, 
Juniper  Networks  Inc. 


agement  types  and  systems  analysts  are 
the  best  candidates”  from  IT  to  move 
into  the  center,  which  also  includes 
staff  from  all  of  the  other  departments, 
Sheehan  says.  The  idea,  he  adds,  is  to 
create  a  single  support  entity  that  has 
an  integrated  view  of  the  entire  busi¬ 
ness  and  a  clear  understanding  of  how 
various  departments  and  processes  in¬ 
teract.  The  business  technologists  who 
work  there  certainly  have  technical 
knowledge,  Sheehan  says,  “but  their 
First  allegiance  has  to  be  to  the  busi¬ 
ness,  not  to  technology.  You  can’t  be  a 
gadget  or  hardware  fanatic.” 

CIOs  say  that  volunteering  to  work 
on  customer-facing  IT  projects  is  an¬ 
other  good  way  for  IT  professionals  to 
gain  broader  business  knowledge. 

“Look  for  projects  where 
there’s  strong  business  in¬ 
volvement.  Look  at  who  is 
on  the  project  team.  Look 
also  for  IT  projects  that 
touch  end  users,  which  in¬ 
clude  any  of  the  larger 
projects  tied  around  fi¬ 
nance  and  HR,”  advises 
Accenture  Ltd.  CIO  Frank  Modruson. 
Steer  clear  of  initiatives  that  fall  into 
the  “technology  for  technology’s  sake” 
category,  such  as  server  consolidation 
projects,  he  says. 

ERP  projects  also  are  fertile  ground 
for  gaining  business  knowledge,  says 
Harry  Roberts,  CIO  at  Boscov’s  Depart¬ 
ment  Store  LLC  in  Reading,  Pa.  But 
more  than  anything  else,  Roberts  says, 
rotating  out  of  a  strict  IT  role  is  proba¬ 
bly  the  most  direct  route  to  broadening 
your  knowledge  of  your  company  and 
its  business.  At  Boscov’s,  for  example, 
a  former  manager  of  point-of-sale  sys¬ 
tems  became  an  assistant  to  one  of  the 
retailer’s  store  managers. 

“If  he  had  decided  to  stay  in  IT,  he 
wouldn’t  have  the  appreciation  he  has 
now  for  merchandising  in  stores  and 
the  overall  organization,”  Roberts  says. 
“You’ve  got  to  look  for  opportunities.” 
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Introverted 

Technologists 

How  to  survive  in  an  extroverted  world. 


Surveys  show  that  about 
75%  of  people  consider 
themselves  extroverts, 
but  anecdotal  evidence 
indicates  that  the  major¬ 
ity  of  IT  folks  are  intro¬ 
verts,  struggling  to  deal 
with  their  extroverted 
peers,  business  partners 
and  customers.  Naomi 
Karten,  a  consultant, 
author  of  Communication  Gaps  and 
How  to  Close  Them  (Dorset  House, 
2003)  and  a  self-described  introvert,  is 
currently  working  on  a  book  to  help  IT 
introverts  use  the  trait  to  their  advan¬ 
tage.  She  talked  with  —  and  e-mailed  — 
Computerworld’s  Kathleen  Melymuka 
about  how  IT  introverts  can  prosper  in 
an  extroverted  world.  She  welcomes 
feedback  at  naomi@nkarten.com. 

Most  people  think  of  introverts  as  shy  peo¬ 
ple.  What’s  your  definition?  As  described 
by  personality  instruments  such  as  the 
Myers-Briggs  Type  Indicator,  introver¬ 
sion  and  extroversion  concern  where 
we  get  our  energy.  Extroverts  get  their 
energy  from  interaction  with  the  outer 
world.  Introverts  are  inwardly  focused. 
We  process  our  thoughts  and  feelings 
internally  and  have  active  inner  lives. 
But  outwardly,  we  tend  to  be  reflective 
and  reserved  —  though  we  can  talk  at 
length  about  topics  of  interest.  Intro¬ 
verts  generally  like  working  alone,  pre¬ 
fer  conversations  one-on-one  or  in 
small  groups  and  favor  written  to  spo¬ 
ken  communication.  Although  we  may 
enjoy  occasional  parties,  reading  a  good 
book  often  seems  more  appealing.  Ex¬ 
tended  interaction  with  others  —  even 
just  listening  —  can  zap  our  energy,  and 
we  need  lots  of  “cave  time”  to  recharge, 
especially  after  a  hectic  workday. 

Why  a  book  on  introverts  in  IT?  IT  is  one  of 

several  fields  with  a  much  higher  per¬ 


centage  of  introverts  than  in  the  gener¬ 
al  population,  while  extroverts  are  rep¬ 
resented  in  much  greater  numbers 
among  IT  customers.  Numerous  IT 
professionals  have  asked  me  for  advice 
about  how  to  succeed  as  introverts  in 
an  extroverted  world.  My  goal  is  to 
help  them  recognize  the  strengths  they 
have,  the  skills  they  can  develop  and 
the  confidence  and  know-how  they 
can  acquire  so  they  can  advance  in 
their  careers.  I  also  want  to  help  intro¬ 
verts  and  extroverts  appreciate  each 
other’s  strengths  and  avoid  common 
misconceptions. 

If  I’m  an  introvert,  how  might  that  manifest 
itself  in  the  IT  workplace?  Most  IT  intro¬ 
verts  are  happiest  when  left  alone  to 
do  their  jobs.  As  a  result,  some  don’t 
adequately  seek  input  from  others,  and 


BE  OPEN  about  what  you  need. 
Explain  to  your  more  extroverted  col¬ 
leagues  that  when  new  ideas  emerge, 
you’d  like  time  to  reflect  on  them  before 
commenting. 

BE  RECEPTIVE  to  extroverts’  needs. 
Encourage  them  to  do  the  talking  that 
enables  them  to  reach  an  understanding 
of  an  issue. 


USE  ONE-ON-ONES  to  your  advan¬ 
tage.  Spending  time  alone  with  decision¬ 
makers  gives  you  a  chance  to  deepen 
your  relationship  and  present  your  ideas. 

INTRODUCE  TECHNIQUES  that  can 
help  you  during  group  interactions,  such 


some  spend  less  time  with  customers, 
colleagues  and  team  members  than 
they  should.  Some  IT  introverts  feel 
overpowered  by  colleagues  who  seem 
to  so  effortlessly  speak  out,  offer  opin¬ 
ions  and  contribute  ideas  without 
needing  time  to  reflect. 

What  are  some  challenges  an  IT  introvert  is 
likely  to  face  when  working  with  extroverted 
business  people?  Extroverts  tend  to  be 
enthusiastic  and  animated  —  wonder¬ 
ful  qualities  that  many  introverts  enjoy, 
up  to  a  point.  But  with  effusive  busi¬ 
ness  people,  some  introverts  have  diffi¬ 
culty  inserting  themselves  into  the  dis¬ 
cussion.  Because  extroverts  work  out 
ideas  as  they  speak,  it’s  easy  to  confuse 
an  idea  in  progress  for  a  conclusion, 
which  can  be  a  potential  problem  dur¬ 
ing  information-gathering  and  require- 
ments-identification  sessions. 

Do  extroverts  understand  what’s  going  on 


as  time-outs  during  brainstorming  ses¬ 
sions  or  ground  rules  to  ensure  that 
everyone  has  a  say. 

COLLABORATE  WITH  COLLEAGUES 

to  determine  how  you’ll  support  one  an¬ 
other  so  you  can  all  do  your  best  work, 
whether  you’re  introverted  or  extroverted. 

LEARN  TO  WRITE  clearly  and  com- 
pellingly,  and  use  your  writing  power  to 
advance  your  ideas. 

HAVE  FUN  with  your  differences.  Kar¬ 
ten  teases  her  extroverted  colleagues 
about  competing  for  the  gold  in  the  yap- 
athon.  They  kid  her  about  not  knowing 
which  end  of  the  phone  to  talk  into. 


with  introverts,  or  do  they  misinterpret  intro¬ 
version  as  something  more  sinister?  Once, 
back  when  I  was  a  programmer,  I 
heard  that  an  extroverted  colleague 
thought  I  was  a  snob.  Why?  I  had 
walked  past  him  without  greeting  him. 
Actually,  as  is  often  the  case,  I  was 
wrapped  up  in  my  thoughts  and  hadn’t 
even  noticed  him.  Similarly,  extroverts 
sometimes  view  some  of  their  intro¬ 
verted  colleagues  as  aloof,  unap¬ 
proachable  and  unfriendly  —  and,  at 
times,  as  uncooperative,  unconcerned 
and  uninvolved. 

It  sounds  like  the  deck  is  stacked  against 
introverts.  Some  IT  introverts  have  told 
me  they  feel  drowned  out  by  their 
more  talkative  colleagues,  especially  in 
meetings.  Others  have  asked  me  if 
they’re  making  a  mistake  in  aspiring  to 
management.  A  few  have  even  asked  if 
there’s  something  wrong  with  them. 

Yet  introversion  is  perfectly  normal, 
and  none  of  the  challenges  it  poses  are 
insurmountable  impediments  to  a  suc¬ 
cessful  IT  career.  These  people  must 
resist  seeing  themselves  as  victims;  an 
“I’m  an  introvert,  woe  is  me”  attitude  is 
a  self-fulfilling  prophecy. 

How  can  I  succeed  in  IT  despite  my  introver¬ 
sion?  Start  by  thinking  of  it  as  succeed¬ 
ing  because  of  your  introversion.  In 
many  ways,  introversion  can  be  a 
strength. 

OK,  then,  what  are  some  of  the  strengths  in¬ 
troverts  bring  to  an  IT  environment?  Many 
introverts  are  persistent,  patient,  high¬ 
ly  analytical  and  excellent  listeners. 
Though  they  may  be  reserved,  many 
introverts  are  highly  articulate.  Some 
IT  introverts  excel  at  gaining  support 
for  their  ideas  by  doing  so  one  person 
at  a  time.  And  their  calm  demeanor 
can  help  steer  a  team  through  the  pres¬ 
sures  and  challenges  that  IT  organiza¬ 
tions  routinely  face. 

Developing  pertinent  skills  will  add 
to  existing  strengths.  For  example,  ac¬ 
quire  persuasion  skills  to  help  sell  your 
proposals  and  recommendations.  Gain 
relationship-building  savvy  so  you  can 
comfortably  build  rapport  and  forge 
connections.  And  —  gulp-inducing 
though  it  may  be  —  develop  presenta¬ 
tion  skills,  and  seek  opportunities  to 
speak  at  company  and  industry  meet¬ 
ings.  Skills  such  as  these  develop  com¬ 
petence,  convey  self-confidence,  build 
credibility  and  open  doors.  One  other 
thought:  Small  adjustments  in  behavior 
can  prevent  the  negative  perceptions 
that  saddle  some  introverts.  Some¬ 
times,  just  smiling  more  can  help. 
045739 


Getting  Heard 


Feeling  drowned  out  by  your  extroverted  peers? 
Author  Naomi  Karten  offers  these  survival  tips: 


NEW!iP 

Put-to-work  answers 
technology 


NEW!im!1»!JnLTK  NEWl^^W 

Industry-latest  analysis  In-depth  partner 

and  overview  presentations 


mm 


NEW! 

Real-world  roundtable 
with  your  colleagues 


EVENT  SCHEDULE 

BOSTON,  MA 
May  18,  2004 
Sheraton  Framingham 

PHILADELPHIA,  PA 
May  20,  2004 
Hilton  Philadelphia 
City  Avenue 

DALLAS,  TX 
May  25,  2004 
Omni  Richardson 

SAN  JOSE,  CA 
May  27,  2004 
Hyatt  San  Jose 


NetworkWorld 


Enterprise 

Security: 

Fail-Safe  Architecture 


FREE  EVENT  FOR 
QUALIFIED  PROFESSIONALS 


MODERATOR 
Joel  Snyder 


All  it  takes  is  one  oversight,  one  hacker,  one  failure,  and  suddenly  everything  about  network  security  is 
on  the  table.  And  YOU  are  on  the  spot.  ►  do  you  have  the  best  tools  and  technology  in  place?  ►  are  you 
implementing  and  managing  your  solutions  effectively?  ►  are  you  ready  and  right  about  new  products  in  the 
pipeline?  ►  are  you  adequately  protecting  your  enterprise  for  tomorrow? 

Unfortunately  network  security  has  become  a  costly  catch  22.  Just  when  the  stakes  to  your  enterprise  are  highest, 
you're  flooded  in  waves  of  security  technology  that  is  hard  to  evaluate,  integrate,  and  deploy.  The  typically  “safe" 
response  is  to  over-spend  and  over-build  simply  because  you’re  overwhelmed  not  just  with  what  to  buy,  but  how  to 
buy,  when  to  buy,  and  why  to  buy. 


EXPERTISE,  TECHNOLOGY,  AND 
SOLUTIONS  TO  HELP  YOU: 

►  manage  your  network  as  a  security 
intelligence  asset 

»  umbrella  remote-access  users  via 
low-cost  IP  connections 


Now  there’s  a  smarter  and  better  response.  Attend  Enterprise  Security:  Fail-Safe  Architecture,  a  new  Network  World 
Technology  Tour  Event.  You'll  see  new  technology.  Cain  the  real-world  intelligence.  And  participate  in  a  fast-paced, 
ask-questions-and-get-answers  event  unlike  any  other.  Attendance  is  free,  but  limited  to  professionals  who  reserve  in 
advance.  So  register  now  and  secure  your  place  before  you  are  on  the  spot. 


►  integrate  wireless  security  into  overall 
wired  strategy 

►  expand  effectiveness  of  your  firewalls  to 
the  application  level 

WHO  WILL  BE  THERE? 

►  Expert  Event  Leaders 

►  Joel  Snyder,  Senior  Partner  of  Opus  One 

►  Sandra  Gittlen,  Events  Editor  for 
Network  World 

and  leaders  responsible  for  planning, 
designing  and  integrating  security  solutions 
including: 

►  CIOs/CSOs/CTOs 

►  IT/IS  managers/directors 

-  Network  managers/designers/architects 


Advance  Reservation  by  Qualified  Professionals  is  Required  for  Complimentary  Attendance 

Register  now  at  www.nwfusion.com/SES4ACW 


or  call  1-800-643-4668 

PLATINUM  PRESENTING  SPONSORS  GOLD  EXHIBITING  SPONSORS: 


ForeScout 


Lancope  KnetSolve 

*  Complexity.  Solved. 


ACCUDATA 

SYSTEMS 


Black  Dragon 
Software 


injraSystsms ^ 


The  Value  of  Trust " 


Virtela"  (y\ 

Communications 


NetworkC?uys 


SECURE 

COMPUTING 


&SOLSOFT 

Mom  nun  tfkt  mjW'  -..; 


►  Systems  managers  and  administrators 


This  event  is  limited  to  Network  and  IT  professionals  involved 
in  the  evaluation,  purchase  and  implementation  of  security 
products  and  services.  Network  World  Events  reserves  the 
right  to  determine  total  audience  and  profile  of 
complimentary  attendees.  Paid  registration  is  also  available. 


To  join 


a  summit  VIACK  V'ONE 

Corporotion 

sponsors  of  this  premier  Network  World  Event,  please  contact  Andrea  D'Amato  at  1  -508-490-6520  or  adamato@nww.com  for  free,  no-obligation  information. 
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ASK  AN  IT  LEADER 

Joseph 

Cleveland 

Title:  CIO 


Company: 

Lockheed 
Martin  Corp., 
Orlando 


Cleveland  is 
one  of  Com- 

puterworld's  Premier  100  IT 
Leaders.  Here  he  answers  read¬ 
ers'  questions  about  career 
growth  and  skills  development. 
If  you  have  a  question  to  ask 
one  of  our  Premier  100  IT 
Leaders,  send  it  to  askaleader@ 
computerworld.com  and  watch 
for  this  column  each  month 
online  and  in  print. 


What  do  you  see  as  the  top  five  IT 
careers  for  the  next  five  to  10  years? 

Certainly  one  area  with  a  fast-growing 
demand  is  security.  Analysts  with  sys¬ 
tems  security  training  and  knowledge 
are  becoming  sought  after  in  high  num¬ 
bers.  Nationally,  the  number  of  jobs  for 
workers  in  this  group  is  expected  to 
grow  much  faster  than  average  through 
the  year  2010.  According  to  the  Univer¬ 
sity  of  Oregon  and  the  Indiana  Career 
and  Postsecondary  Advancement  Cen¬ 
ter,  an  increase  in  computer  security 
jobs  is  expected  as  technology  contin¬ 
ues  to  advance  and  become  more  af¬ 
fordable.  More  businesses  will  add 
computers  and  will  need  specialists  to 
make  their  networks  secure.  In  addi¬ 


tion,  use  of  the  Internet  by  businesses 
should  increase  the  demand  for  com¬ 
puter  security  specialists. 

With  the  volume  of  sensitive  data 
generated  every  second  growing  rapid¬ 
ly,  data  integrity,  backup  systems  and 
database  security  have  become  in¬ 
creasingly  important  aspects  of  the  job 
of  database  administrators. 

Most  of  my  experience  in  develop¬ 
ment  has  been  for  a  committed  IBM 
shop.  I’ve  been  active  in  growing  my 
skills.  If  I  want  to  do  something  dif¬ 
ferent  in  the  near  future  (.Net,  for  ex¬ 
ample),  what  are  some  steps  to  take 
that  will  help  me  make  that  break 
from  the  past?  Networking  is  a  vital 
asset  to  career  growth.  Even  if  you 
don’t  think  you  already  have  a  network, 
you  probably  do  when  you  consider  as¬ 
sociates,  friends  and  family.  You  can 
broaden  your  network  through  joining 
professional  organizations  in  your  new 
field  and  contacting  alumni  from  your 
college  who  are  working  in  the  field  you 
want  to  enter.  Affinity  groups  within 
your  company  as  well  as  established 
career  organizations  will  be  of  use  in 
your  search  for  opportunities  to  expand 
your  career. 

People  in  your  network  may  be  able 
to  give  you  job  leads,  offer  you  advice 
and  information  about  a  particular 
company  or  industry,  and  introduce 
you  to  others  so  that  you  can  expand 
your  network.  Remember  that  you 
won’t  have  credibility  with  people  until 
they  really  know  you.  In  order  to  gain 
their  trust,  you  have  to  prove  yourself. 
One  method  that  I  highly  recommend 
to  accomplish  this  goal  is  to  engage  in 
community  events.  O  46149 


Open-Source  Skills  Open  Doors 

Within  the  next  year,  ’  : :  " 

organizations  will  strategically  deploy  Linux, 
according  to  Gartner  Inc. 

Already,  ' '  "  '  '  ^  .vi  - 

says 

OpenEnterpriseTrends.com.  In  addition,  11%  of 
Fortune  1,000  companies  report  that  more  than 

20%  of  their  applications  are  open-source. 

IBM  has  stated  that  it  has  v  '■  re¬ 

source  development  projects  under  way. 


Skills  Scan:  Today’s  Specials 

Which  specialization  would  you  recommend  to 
someone  who’s  just  beginning  a  career  in  IT? 


Other/don’t  know 

Software 

development 


Project  management 


Data/database  management 


Network  management 


Information 

security 


Help  desk  and 
end-user  support 


BASE:  1,400  CIOs  at  companies  with  more  than  100  employees 

SOURCE:  ROBERT  HALF  TECHNOLOGY  INC.,  MENLO  PARK,  CALIF.,  APRIL  P.004 


Numbers  Crunch: 


S83B 

$321 

$16 


Value  of  2003 

U.S.  Department 
of  Defense  IT  out¬ 
sourcing  contracts 

104,00 

H  Number  of  U.S.  IT 

111  jobs  lost  as  a  result  of 
fta  of  offshore  outsourcing 
V  in  2003 

Value  of  IT  out¬ 
sourcing  contracts 
awarded  by  civilian 
government  agen¬ 
cies  in  2003 

193,00 

^jl  Number  of  new  jobs 

II  created  in  other 
|H  sectors  as  a  result  of 
fl  productivity  gains 
hi  related  to  offshore 
|fl  outsourcing 

Projected  size 
of  the  business 
process  outsourc¬ 
ing  market  in 

2006 

90,001 

Tl  Net  number  of  new  jobs 
II  created  as  a  result  of 
sl  savings  from  offshore 
jJ  outsourcing  in  2003 

SOURCES:  INPUT.  RESTON.  VA..  IDC.  FRAMINGHAM,  MASS.; 

INFORMATION  TECHNOLOGY  ASSOCIATION  OF  AMERICA.  ARLINGTON.  VA 
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EXEC  TRACK 


Hail  Named  Project 
Leader  at  SAIC 

Spain  “Woody”  Hall  Jr.  has  been 
named  corporate  vice  president 
for  project  management  at  the 
Enterprise  and  Infrastructure  So¬ 
lutions  Group  of  Science  Applica¬ 
tions  International  Corp.,  a  re¬ 
search  and  engineering  company 
in  San  Diego.  Hall  will  assist  with 
business  strategy  and  focus  on 
improving  integration  of  client 
support  across  business  units.  He 
was  previously  CIO  at  the  U.S. 
Customs  Service  and  the  Depart¬ 
ment  of  Energy. 


Rogers  Corp.  CIO 
Gets  Asia  VP  Post 

Rogers  Corp.,  a  manufacturer  of 
high-performance  specialty  mate¬ 
rials  in  Rogers,  Conn.,  announced 
that  CIO  Michael  L.  Cooper  will 
become  vice  president  for  Asia. 

He  will  be  responsible  for  manu¬ 
facturing  and  staff  functions  at 
factories  in  Suzhou,  China,  and 
he  will  handle  coordination  with 
Rogers’  joint  venture  in  Japan. 
Cooper  has  been  CIO  at  the  com¬ 
pany  since  1999.  He  previously 
served  as  colonel  deputy  CIO  in 
the  U.S.  Marine  Corps. 


Heller  Promoted  to 
CIO  at  Caterpillar 

John  S.  Heller,  currently  director 
of  global  IT  solutions  at  Caterpil¬ 
lar  Inc.,  has  been  named  CIO. 
Since  joining  the  Peoria,  III.- 
based  heavy  equipment  maker  in 
1973,  Heller  has  held  a  variety  of 
IT  management  positions  in  Eu¬ 
rope  and  North  America. 


McNally  to  Lead  IT 
At  U.S.  Foodservice 

David  McNally  has  been  appoint¬ 
ed  CIO  at  U.S.  Foodservice  Inc.,  a 
U.S.  subsidiary  of  Netherlands- 
based  Royal  Ahold  NV.  McNally’s 
appointment  came  as  part  of  a 
reorganization  at  the  Columbia, 
Md.-based  company.  McNally 
was  previously  an  information 
systems  principal  at  Alix  Partners 
LLC  in  Southfield,  Mich. 


SUE  YOUNG 


How  to  Make 
Better  Decisions 


YOUR  SUBORDINATE  approaches  you  with 
an  idea  and  your  immediate  reaction  is 
that  it’s  a  waste  of  time  and  won’t  work. 
But  a  colleague  points  out  that  a  slight 
variation  of  the  idea  will  save  weeks  of 
work  and  make  your  systems  more  user-friendly.  Why 
does  one  person  perceive  opportunity  where  another 
doesn’t?  How  can  you  keep  yourself  in  a  position  to 
take  advantage  of  the  opportunities  in  front  of  you? 


Understand  that  your 
perception  can  become 
distorted.  Whenever  your 
mind  is  agitated  —  when 
you’re  worried,  stressed, 
overworked,  frustrated, 
angry  or  otherwise  upset 
—  you  no  longer  perceive 
life  directly,  but  through  a 
glass  colored  darkly. 

Instead  of  taking  in 
information  fully  and  accu¬ 
rately,  you  put  up  filters 
like  “Avoid  anything  that 
might  create  more  work!” 

With  these  filters  in  place, 
you  can’t  make  cognitive 
connections  that  would  otherwise 
be  obvious.  But  if  you  know  that 
your  perceptions  can  get  distorted, 
you’ll  also  know  when  to  step  back 
and  clear  your  mind  before  making 
a  decision. 

For  instance,  what  do  you  do  when 
your  manager  blames  you  for  the  net¬ 
work  being  down,  when  he  was  the 
one  who  inadvertently  disconnected 
the  network  interface  card  while  try¬ 
ing  to  unplug  the  mouse  so  the  clean¬ 
ing  staff  couldn’t  use  the  server  to 
check  e-mail?  Do  you  explode  in  anger 
—  or  do  you  laugh?  The  minor  disas¬ 
ters  we  deal  with  on  a  daily  basis  usu¬ 
ally  have  a  comical  element.  But  how 
often  do  we  have  the  mental  clarity  to 


recognize  what’s  funny 
in  a  “crisis”? 

So  how  do  you  clear 
your  mind,  especially  if 
you’re  overworked  and 
overstressed,  as  many  IT 
folks  are?  Here’s  a  short 
list  of  reminders  to  keep 
at  the  ready: 

1.  Check  for  humor.  What 
humor  can  you  find  in  the 
situation?  I’m  not  talking 
about  the  type  of  humor 
that  puts  people  down, 
but  the  ability  to  laugh  at 
the  fact  that  we  humans 
are  downright  ridiculous 
creatures.  As  in  “You  want  it  when?!” 
A  good  laugh  clears  the  mind  and  the 
air  so  we  can  look  at  the  situation 
realistically. 

2.  Expect  ups  and  downs.  Too  often  we 
get  caught  in  the  moment  and  act  as  if 
the  current  state  will  last  forever.  By 
remembering  that  everything  goes 
through  cycles,  from  better  to  worse 
and  down  to  up,  we  can  find  stability 
amid  change. 

3.  Turn  a  problem  into  an  adventure.  We 

need  challenges  to  grow.  Without 
them,  we  stagnate  and  life  becomes 
boring.  When  the  CIO  leaves  the  orga¬ 
nization,  the  CFO  puts  all  new  IT  proj¬ 
ects  on  hold,  and  everything’s  in 
chaos.  It’s  up  to  us  to  bring  a  sense  of 


sue  young  is  CEO  of 


ANDA  Consulting 
in  Williston,  Vt.,  where 
she  specializes  in  data 
modeling  and  ensuring 
successful  IT  projects. 

You  can  reach  her  at 
sue@andaconsulting.com. 


adventure  and  challenge  into  the  mun¬ 
dane  and  chaotic  mess.  What  can  we 
do  with  what  we’ve  got?  How  well  can 
we  do  it?  How  fast?  How  creatively? 
How  much  fun  can  we  make  it?  Let’s 
create  the  finest  possible  result  when 
we’re  understaffed,  overworked,  back- 
logged  and  given  impossible  condi¬ 
tions!  If  it  were  easy,  it  wouldn’t  be 
any  fun. 

4.  Refocus  on  the  organization’s  goals. 

When  we’re  stressed  out,  we  tend  to 
put  our  own  needs  first.  One  of  the 
easiest  ways  to  clear  your  mind  is  to 
do  something  for  someone  else:  make 
their  job  easier,  highlight  a  colleague’s 
success  or  just  hold  a  meeting  outside 
in  the  sun  for  a  change.  The  point  is  to 
get  your  mind  off  yourself.  The  act  of 
thinking  about  what  you  could  do  for 
others  —  that  also  furthers  your  orga¬ 
nization’s  goals  —  calms  your  mind 
and  opens  you  to  new  possibilities. 

5.  Remember  that  it’s  a  game.  If  you 
were  fired  today,  wouldn’t  the  things 
at  work  that  seem  so  important  to  you 
now  just  fade  away?  You’d  be  looking 
for  another  job,  sitting  on  the  beach  or 
doing  volunteer  work.  You’d  be  play¬ 
ing  another  game.  This  job  is  the  game 
you’re  playing  now.  Play  it  with  as 
much  skill,  style,  enthusiasm  and  hu¬ 
mor  as  you  can.  But  remember,  it’s  just 
a  game  that  will  evaporate  when  you 
leave  the  company  and  start  to  play 
another  game. 

All  we  can  do  is  the  best  we  can  do 
in  this  moment.  By  accepting  our¬ 
selves,  our  current  limitations  and  the 
sometimes  chaotic  nature  of  IT,  we 
create  a  degree  of  peace  and  mental 
freedom  from  which  we  can  perceive 
opportunities  and  make  better  IT 
decisions.  O  46198 
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How  does  your  rack  really  stack  up? 


Take  the  APC  Rack  Challenge  and  find  out  how 
the  New  NetShelter®  VX  outperforms  your  brand. 

Whether  you  are  consolidating  servers,  relocating  your  data  center,  or  centralizing 
distributed  networks,  selecting  the  right  brand  of  enclosure  is  crucial  to  successful 
implementation.  Take  the  APC  Rack  Challenge  today  to  make  sure  your  facts  and 
your  racks  really  stack  up. 


THE  APC  RACK  CHALLENGE 

Name:  Title: 

Company:  Phone: 

Address: 

How  many  racks  do  you  currently  have  installed? 

Features  to  expect  in  today's 

IT  rack  enclosures 

NetShelter*  VX 
(AR2101BLK) 

no  side  panels 

Compaq  Rack 
10000  Series 

(245161 -B21) 

no  side  panels 

Your  rack  brand  here: 

1  1 

I  1 

1  t 

—  -  J 

Integrated  rear  power  distribution 
channels  that  provide  zero-U, 
toolless  mounting  of  basic, 
metered,  and  switched  rack-mount 
power  distribution  units. 

X 

t  » 

Integrated  rear  cable  management 
|  channels  that  allow  efficient  cable 

I  routing  and  easily  accessible 

1  cable  containment. 

M 

X 

4  1 

>„/ 

1  Available  with  scalable 

1  cooling  options  to  support 

1  heat  densities  up  to  7.5kW*. 

& 

X 

l  » 

Exceeds  major  server  requirements 
for  front  door  ventilation. 

V 

Of 

I  l 

Meets  or  exceeds  warranty 
requirements  for  all  major  servers. 

Of 

/‘"’v 
i  i 

InfraStruXure  compatible. 

Seamlessly  integrates  into  APCs 
modular,  manageable,  pre-engineered 

1  data  center  architecture. 

'  0  ;; 

X 

/**  **\ 
i  i 

N  —  ✓ 

Vendor  neutral  rack  configurator 
designed  to  support  most  third  party 
servers  and  networking  devices. 

<8f 

X 

/  \ 

1  I 

jj  5-year  warranty 

X 

$  "Fits  Like  a  Glove"**  money  back 
j  guarantee  that  all  IT  equipment 
|  will  fit  in  the  rack. 

HP  COMPAQ  •  SUN  •  IBM ' 

X 

/  % 

^  J 

0111  •  CISCO  •  lUCfcNT  . 

Compare!  Savings 
Ik  of  almost  40% 

S1Q39 

*1359 

!<? 

IW  1 

1  1 

1  1 

TAKE  THE  RACK 
CHALLENGE  TODAY! 


Online: ; 

http://promo.apc.com  •  Key  Code  q524y 


By  Fax: 

1)  Fill  in  your  business  information, 
indicate  your  rack  brand  of  choice, 
and  check  off  the  applicable  fields. 

2)  Fax  the  completed  Rack  Challenge 
to  the  following  number: 

Fax  401-788-2797 


Yes!  . 

I  took  the  y 
APC  RACK  ' 
CHALLENGE! 


. 


RECEIVE 
YOUR  FREE  T-SHIRT 


Be  one  of  the  first  100  respon¬ 
dents  and  receive  a  FREE  *1  took 
the  APC  Rack  Challenge"  T-shirt! 


Designed  specifically  for  the  cabling, 
cooling  and  security  demands  of  today's 
IT  environments,  the  NetShelter®  VX  is  a 
complete  infrastructure  compatible  with  a 
full  range  of  integrated  APC  components. 
Vendor-neutral,  all  you  need  to  add  are 
the  servers  of  your  choice. 


NetworkAIR™  RM  Air  Distribution  Unit 


Unique  2U  rack-mounted  fan 
unit  delivers  additional  cool 
air  and  improves  circulation. 


1U  Rack-mount  LCD 
Monitor/Keyboard  Drawer 

Maximizes  space  in 
data  center  environments. 


Environmental  Monitoring  Unit 


Monitors  ambient  temperature,  , 
humidity  and  other  environmental  - 
conditions  in  racks. 


Rack-mount  PDU 

Provides  up  to  5.7kW  of  power, 
eliminating  the  need  for  multiple 


er, 

iple 


outlet  strips  per  rack.  Available  for 
both  single-  and  3-phase  input  power. 


"Based  on  APC  Internal  Research  and  testing.  **  See  link  on 
promotions  page  for  terms  and  conditions,  t  Source  of 
average  pricing:  www.HP.com.  Prices  may  vary  or  change 
from  time  to  time.  Not  applicable  to  other  SKU's  or  models. 


Legendary  Reliability* 
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Seeking  qualified  applicants  for 
the  following  positions  in  Mem¬ 
phis,  TN:  Senior  Business  Sys¬ 
tems  Analyst.  Develop  major 
applications  systems  require¬ 
ments,  testing  and  controls. 
Requirements:  Bachelor's  de¬ 
gree  or  equivalent*  in  business, 
computer  science,  engineering, 
mathematics,  MIS  or  related 
field,  plus  5  years  of  experience 
in  systems  planning  and  design 
or  systems  development  and 
integration.  Experience  with 
Oracle,  PL/SQL  and  application 
design  and  testing  also 
required.  'Master's  degree  in 
appropriate  field  will  offset  2 
years  of  general  experience. 
Submit  resumes  to  Chris 
Gibney,  Federal  Express  Corp¬ 
oration,  2003  Corporate  Plaza, 
3rd  Floor,  Memphis,  TN  38132. 
EOE  M/F/D/V. 


SYSTEM  ANALYST 

Full  time  System  Analyst  re¬ 
sponsible  for  the  network,  appli¬ 
cation  and  security  related  activ¬ 
ities:  Managing  Verisign  KMS 
Server  for  issuing  Digital  Certifi¬ 
cates,  designing  Netegrity  Site- 
minder  Policy  Servers,  creating 
Policies  on  Appshield/Appscan 
to  protect  Web  servers,  manag¬ 
ing  Cisco  Load  balancing  swit¬ 
ches,  managing  the  access  con¬ 
trol  and  data  application  securi¬ 
ty,  designing  and  monitoring  the 
hot  site,  designing  EB-XML 
based  messaging  network  for 
clients.  Must  have  Bachelor’s 
Degree  in  Electronics  Engineer¬ 
ing  or  Computer  Science.  For¬ 
eign  degree  equivalent  accept¬ 
ed.  Must  have  2  years  of  experi¬ 
ence  in  job  offered.  Send 
resume  to:  Business  Computer 
Applications,  Inc.,  Attn.  Freddie 
Johnson,  2180  Satellite  Blvd., 
Ste  325,  Duluth,  GA  30097. 


Business  Development  Coordin¬ 
ator:  Burlington,  MA:  Perform 
market  research  of  new  IT  tele¬ 
com/networking  technologies  for 
analysis  by  our  Japanese  parent 
company.  Master's  in  Info.  Sys¬ 
tems  or  a  related  field.  Alterna¬ 
tively  employer  will  accept  a 
Bachelor's  in  Info.  Systems  or  a 
related  field  &  2  yrs'  exp.  in  a 
related  network  engineering 
position.  Fluency  in  Japanese 
required.  Resume  to  Mr.  Shitou, 
Nissho  Electronics  (USA)  Corp., 
3945  Freedom  Circle,  Ste  240, 
Santa  Clara,  CA  95054. 


Seeking  qualified  applicants  for 
the  following  positions  in 
Collierville,  TN:  Senior  Pro¬ 
grammer  Analyst  Formulate/ 
define  functional  requirements 
and  documentation  based  on 
accepted  user  criteria.  Require¬ 
ments:  Bachelor's  degree  or 
equivalent*  in  computer  science, 
MIS,  engineering  or  related  field 
plus  5  years  of  experience  in  sys¬ 
tems/applications  development. 
Experience  with  Oracle  and  UNIX 
Scripting  also  required.  'Master's 
degree  in  appropriate  field  will  off¬ 
set  2  years  of  general  experi¬ 
ence.  Submit  resumes  to  Sibi 
George,  FedEx  Corporate 
Services,  1900  Summit  Tower 
Blvd.,  Suite  1400,  Orlando,  FL 
32810.  EOE  M/F/D/V. 


PROGRAMMER  ANALYST.  De¬ 
velop,  analyze,  design,  test  & 
support  applications  and  com¬ 
puter  programs.  Use  Windows 
NT  4.0,  Windows  2000  Server, 
UNIX-SUN  Solaris,  PL/SQL, 
Java  1.1.6,  ASP  2.0,  HTML, 
Oracle  7.x  and  8.x  Servers, 
Visual  Studio  6.0,  Developer 
2000/6.0  -  Forms  4.5,  and 
Oracle  Reports  2.5/6.0  to  per¬ 
form  duties.  BS/MS/or  equiv.  in 
CS,  Engg.,  or  related  fields, 
plus  relevant  exp.  in  above 
applications.  Send  resume  to  A. 
Singh,  HR  Manager,  STGIL,  11 
Penn  Piaza,  Suite  1001,  NY 
10001. 


PROG.  ANALYST  - 
ORACLE  DBA 

Dsgn  &  dvlp  web-based  applns 
handling  Oracle  dbases  in  dvlp- 
mnt,  qual.  assurance  &  produc¬ 
tion  environments.  BS  degree  in 
Comp.  Sci.,  Electrical  or  Elec¬ 
tronic  Engnrg  +  3  yrs  exp.  in  job 
offered  or  in  Software  Engnrg 
w/Oracle  DBA  reqd.  Must  know 
Oracle  9IRDBMS  on  Sun  Solar¬ 
is,  SQL  &  PL/SQL  tuning  state¬ 
ments,  UNIX/Perl  Scripts,  web- 
based  dbase  architecture  & 
dbase  support  software  like 
Oracle  enterprise.  High  mobility 
preferred.  40  hrs/wk,  OT  as 
reqd,  8  am  -  5  pm,  $66,730/yr. 
Qualified  applicants  please  sub¬ 
mit  resume  to:  Manager,  Butler 
County  CareerLink,  Pullman 
Conference  Center,  112  Holly¬ 
wood  Drive,  Suite  101,  Butler, 
PA  16001-5699.  Please  refer  to 
Job  Order  No.  WEB  410203. 


Seeking  qualified  applicants  for 
the  following  positions  in  Collier¬ 
ville,  TN:  Senior  Technical  Ana- 
lysl.  Research,  evaluate,  imple¬ 
ment  and  coordinate  changes  to 
computer  systems/applications. 
Requirements:  Bachelor's  de¬ 
gree  or  equivalent*  in  computer 
science,  math,  MIS,  computer 
information  systems,  engineer¬ 
ing  or  related  field  plus  5  years 
of  experience  in  systems/appli¬ 
cations  development,  including 
programming.  Experience  with 
systems  administration  using 
Solaris,  HPUX  and  LINUX  also 
required.  'Master's  degree  in 
appropriate  field  will  offset  2 
years  of  general  experience. 
Submit  resumes  to  Sibi  George, 
FedEx  Corporate  Services. 
1900  Summit  Tower  Blvd.,  Suite 
1400,  Orlando,  FL  32810.  EOE 
M/F/DA/. 


SR  PROGRAMMER  Lead 
team  to  design  complex  oper¬ 
ating  SW  programming  appli¬ 
cations.  BS  Comp  Sci  or  equiv 
+  2  yrs  exp  as  programmer/ 
analyst.  VC++  6.0,  telecom¬ 
munications  programming 
(Dialogic  Voice  &  Vendetta  & 
conference  HW  &  SW  APIs) 
Windows  CE  &  knwldg  mer¬ 
chandising  service  business 
reqd.  Send  resume  to:  CRC, 
Inc.,  562  Lakeland  Plaza 
#249,  Cumming,  GA  30040. 


SQL  Server  DBA/System  Ad¬ 
ministrator  w/exp  in  production 
DB’s,  T-SQL,  DTS,  BCP.  Distri¬ 
buted  Transaction  Coordinator 
&  Linked  Servers.  Perform  DB 
backup,  restore  &  create  DB. 
Query  optimizations  &  tuning. 
Manage  &  configure  applic.  like 
Cold  Fusion  MX  Server,  SQL 
Server,  Qmail,  SMTP  Express, 
Veritas,  LiveStats,  IPMONITOR 
&  MRTG.  Set  up  domain  net¬ 
work  using  Active  Directory  in¬ 
cluding  creating  domain  users, 
set  up  DNS,  DHCP,  FTP  Server 
&  IIS.  Configure  &  install  Fire¬ 
wall,  Routers  &  Switches.  Mail 
res  to:  Realty  Empowerment 
Systems,  6621  Bay  Circle, 
Suite  170,  Norcross,  GA 
30071. 


Seeking  qualified  applicants  for 
the  following  positions  in  Mem¬ 
phis,  TN:  Senior  Systems  Pro¬ 
grammer.  Devise  procedures  to 
solve  complex  systems  and 
applications  problems.  Require¬ 
ments:  Bachelor’s  degree  or 
equivalent*  in  computer  science, 
MIS,  engineering  or  related  field 
plus  5  years  of  experience  in 
systems  programming.  Experi¬ 
ence  with  UNIX,  C  and  logistics 
code  development  also  re¬ 
quired.  'Master's  degree  in  ap¬ 
propriate  field  will  offset  2  years 
of  general  experience.  Submit 
resumes  to  Sibi  George,  FedEx 
Corporate  Services,  1900  Sum¬ 
mit  Tower  Blvd.,  Suite  1400, 
Orlando,  FL  32810.  EOE 
M/F/DA/. 


Sr.  Network  Engineer  -  UNIX 
sought  by  network  security  de¬ 
vice  manufacturer  in  Broomfield, 
CO  to  work  in  Broomfield  and 
other  unanticipated  job  sites  in 
the  U.S.  Installs,  configures, 
maintains  and  troubleshoots 
high-availability,  fully  redundant 
networks  that  utilize  Sun  Solaris 
Servers,  Veritas  and  Sun  Clust¬ 
ers,  Veritas  Volume  Manager, 
Veritas  File  system.  Work  with 
hardware  RAIDS  such  as  A1000 
and  EMC.  Maintain  a  mission 
critical  production  environment 
at  a  data  center  and/or  colloca¬ 
tion  facility  on  a  24x7  basis.  De¬ 
sign  and  maintain  backup  solu¬ 
tions  with  Veritas  Netbackup. 
Install  and  configure  HA  agents 
for  the  company  database. 
Maintain  NIS  and  NFS  servers 
in  a  multi-platform  R&D  environ¬ 
ment.  Write  Perl  and  shell 
scripts  to  automate  procedures. 
Engage  in  project  management 
as  required.  Requires  3  yrs  exp. 
installing,  configuring,  maintain¬ 
ing  and  troubleshooting  high- 
availability,  fully  redundant  net¬ 
works  utilizing  Sun  Solaris  Ser¬ 
vers,  Veritas  and  Sun  Clusters, 
Veritas  Volume  Manager,  Veritas 
File  system  and  Veritas  Net- 
backup  software  and  hardware 
RAIDS.  Working  knowledge  in 
maintaining  a  production  envi¬ 
ronment  at  collocation  facilities 
on  a  24x7  basis.  M-F:  8am-5pm: 
$110.000/yr.  Respond  by  res¬ 
ume  to  Employment  Programs, 
PO  Box  46547,  Denver,  CO 
80202  and  respond  to  Job  Order 
Number  CO5074345 


RESEARCH  PROGRAMMER 
University  of  Illinois  at  Chicago 

Administer  UNIX,  Windows  NT 
and  other  servers  used  for 
teaching:  programming:  provide 
instructional  technology  consult¬ 
ing  to  faculty:  help  develop  tech¬ 
nology-based  courses  and  teach 
computer  seminars  and  work¬ 
shops.  The  applicant  should 
have  a  Bachelor's  Degree  in 
Computer  Science  or  related 
field,  and  have  teaching  experi¬ 
ence.  The  successful  candidate 
should  have  two  years  of  com¬ 
bined  experience  in  Windows 
NT,  and  UNIX  system  adminis¬ 
tration,  Webmaster  experience, 
programming  in  HTML,  Perl  and 
C,  and  have  experience  in 
teaching,  course  development 
and  in  using  computer  and 
Internet  technology  in  education. 
Working  knowledge  of  Apache, 
IIS,  Tomcat,  Oracle,  PL/SQL, 
Transact-SQL  and  multimedia 
authoring  tools  are  a  plus. 
Please  submit  resume  by 
5/28/04  to  Mint  Simagrai, 
Academic  Computing  and 
Communications  Center,  1940 
W.  Taylor,  Room  124  (M/C  135), 
Chicago,  IL  60612.  UIC  is  an 
Affirmative  Action/Equal  Oppor¬ 
tunity  Employer. 


Lead  SW  Dev  Engineer  -  Lead 
team  to  analyze,  design,  devel¬ 
op,  code,  document,  test, 
debug,  migrate,  &  implement 
complex  SW  applications,  data¬ 
bases,  reports,  &/or  make  signif¬ 
icant  enhancements  to  existing 
complex  systems  using  Oracle 
database  design/analysis,  VB, 
C++,  Java,  Web  development, 
SQL,  &  PL/SQL  programming 
on  UNIX  &  Win  NT  op  systems. 
I.D.  requirements,  analyze  busi¬ 
ness  problems,  &  create  tech 
solutions.  Apply  principles,  theo¬ 
ries  &  concepts  &  use  method¬ 
ologies,  tools,  documentation 
processes,  &  test  procedures  to 
complete  projects.  Responsible 
for  overall  success  of  project 
including  meeting  cost,  schedule 
&  quality  objectives.  MS  Comp 
Sci,  Eng,  MIS,  CIS,  or  related  + 
working/theoretical  knowledge 
of  Oracle  design/analysis,  VB, 
C++,  Java,  Web  development, 
SQL,  PL/SQL  programming,  & 
Unix  &  Windows  NT  operating 
systems.  $78,10Q/yr.  M-F.  8-5. 
Denver,  CO.  Must  have  proof  of 
legal  authority  to  work  perma¬ 
nently  in  U.S.  Application  by 
resume  only  to  CO  Dept  of 
Labor,  Workforce  Development 
Programs,  P.O.  Box  46547, 
Denver,  CO  80202.  Ref  job# 
CO5074964. 


Software  Engineer  IV  - 
Web  Technology 

(Waltham,  MA)  Design,  develop, 
and  support  a  secure  gateway 
system  for  authentication,  auth¬ 
orization,  and  entitlement  of  all 
application  calls  to  the  backend 
servers  in  the  telecommunica¬ 
tions  industry  using  CORBA  and 
XML  Technologies.  Design,  de¬ 
velop  and  support  highly  scal¬ 
able  and  reliable  common  librar¬ 
ies  used  by  all  developers.  As¬ 
sist  in  the  designing  and  devel¬ 
oping  of  n-tier  distributed  web 
application  for  telecommunica¬ 
tions  using  CORBA,  XML  Tech¬ 
nologies,  C/C++,  JavaScript, 
HTML  and  Informix.  Review  all 
applications  code  and  process¬ 
es  to  improve  quality  of  the  ap¬ 
plications.  Position  requires  a 
Bachelor's  degree  in  Computer 
Engineering  or  Systems  Engin¬ 
eering  plus  two  years  of  experi¬ 
ence  in  the  job  offered  or  two 
years  of  experience  in  the  relat¬ 
ed  occupation  of  Engineer,  Con¬ 
sultant  or  Programmer.  Two 
years  of  previous  experience 
must  include  experience  with 
CORBA,  XML  Technologies, 
C/C++,  JavaScript,  HTML  and 
Informix.  $73, 500/year,  plus 
usual  corporate  benefits,  9  AM  - 
5  PM.  40  hrs/wk.  Mail  two  copies 
of  resume  to  Case  #200204210, 
Division  of  Career  Services, 
Labor  Certification  Unit,  19 
Staniford  Street,  1st  Floor, 
Boston,  MA  02114.  Must  have 
proof  of  legal  authorization  to 
work  in  the  United  States. 


Systems  Analyst/Web  Develop¬ 
er  sought  to  participate  in  team 
envmt  where  ASP  &  ASP.net 
s/ware  applies  are  created  & 
maintained  on  MS  IIS  Webserv- 
ers  &  other  dvlpmt  tools  ind. 
VBScript/Visual  Basic;  modify 
ASP  applies  incl.  new  functional¬ 
ity.  bug  fixes  &  report  dvlpmt: 
create/modify  flow  charts  &  tech¬ 
nical  specs  of  web  &  d/base 
applies;  build  &  dsgn  large-scale 
relational  d/bases  in  SQL  Server 
incl.  table  structures,  stored  pro¬ 
cedures.  triggers  &  DTS  pack¬ 
ages;  participate  in  all  phases  of 
s/ware  dvlpmt  life  cycle  by  gath¬ 
ering  &  defining  reqmts.  dsgn, 
dvlpmt  &  testing;  assist  in  tech¬ 
nical  analysis  of  change  re¬ 
quests  &  perform  technical  dut¬ 
ies  such  as  redesigning  d/base 
structures  &  ASP  code;  provide 
testing  support  for  web  based 
applies  dvlpd  using  VBScript/ 
VB,  ASP,  ASP.Net  &  SQL  Ser¬ 
ver.  Req  Bach  in  Comp  Sci,  Info 
Systems  Mgmt  or  related  field  + 
3  yrs  exp  w/web  applic  dvlpmt 
using  ASP,  SQL  Server,  IIS 
Webserver,  VBScript/VB  &  large 
-scale  relational  d/bases,  incl.  at 
least  1  yr  exp  working  in  .NET 
envmt.  Send  resume  w/code 
SD1  to  Irene  Marchuk,  American 
Institutes  for  Research,  1000 
Thomas  Jefferson  St,  NW, 
Washington,  DC  20007.  EOE 


COMPUTER  PROFESSIONALS 
Opportunities  for: 

•  SYSTEMS/BUSINESS/ 
PROGRAMMER  ANALYSTS 

•  PROCESS  CAPABILITY 
ANALYST 

•  QC  ANALYST 

•  WEB  ARCHITECTS/ 
DEVELOPERS 

•  SYSTEMS  ANALYSTS 

•  WEB  GRAPHIC  DESIGNERS 

•  NETWORK  ENGINEERS 

•  PROGRAMMER/ANALYSTS 

•  SOFTWARE  ENGINEERS 
SKILLS: 

•  COLD  FUSION  •  SPECTRA 

•  ORACLE  •  VISUAL  BASIC 

•  VISUAL  C++  •  SIEBEL  •  ASP 

•  COM,  DCOM  •  JSP  •  HTML 

•  JAVA,  JAVA  BEAN  •  EJB  JAVA 
SERVLETS  •  WEBSPHERE 

•  IBM  MQ  SERIES- XML, UML 

•  MTS  •  CLARIFY  •  PERL 

•  OBJECTPERL • SPYPERL 

•  SMALLTALK  •  PL/SQL 

•  VISUAL  AGE  •  COBOL,  SPL, 
UNIX 

Visit  our  website  @ 
www.computerhorizons.com 
Attractive  salaries  and  benefits. 
Please  forward  your  resume  to: 
H.R.  Mgr.,  Computer  Horizons 
Corp.,  49  Old  Bloomfield 
Avenue,  Mountain  Lakes,  New 
Jersey  07046-1495.  Call 
973-299-4000.  E-mail:  jobs@ 
computerhorizons.com.  An 
Equal  Opportunity  Employer  M/F. 


NH  based  Company  has  open¬ 
ings  for  Software  Engineers  & 
DBA’s:  (Multiple  openings):  Re¬ 
search,  Analyze,  Design,  Devel¬ 
op,  Test,  diagnose,  and  imple¬ 
ment  various  business  applica¬ 
tions. 

Implementing,  upgrading  and 
supporting  Oracle  Financial  Ap¬ 
plications  10.7NCA/11i  or  Oracle 
HR,  Payroll,  Training  and  Admin¬ 
istration.  PL/SQL,  SQL'Plus, 
SQL'Loader,  Discoverer  2000, 
Developer  2000,  OAS,  Forms 
(6i),  Reports  (6i),  TOAD,  experi¬ 
ence  on  AP,  GL,  PO,  FA,  CM, 
PSB.  SYSADMIN  &  AR  Modules. 
Oracle  DBA,  Oracle  Utilities, 
Unix  Shell  Scripting,  PL/SQL, 
Erwin  Data  Modelling/Designing. 
Interwoven  TeamSite,  Installing 
and  upgrading  Teamsite,  Tern- 
plating,  WorkFlow  Management, 
Content  Management  System, 
Open  Deployment,  MetaTagger. 
ASP.NET,  C#,  Visual  Studio.NET 
XML,  XSLT,  SQL  SERVER2000, 
Oracle9i.  Dreamweaver  4.0  MX, 
Crystal  Reports6.0,  Lawson 
Application  8.X, Unisys  2200, Sun 
Solaris  2.9,  Teradata  Dataware- 
house, COBOL, JCL.VSAM.CICS 
,  DB2,  MVS,  IMS,  VSAM,  Expeditor 
Spufi,  File-aid,  PMX,  EDI  Gen- 
tran/Mercator,  AS/400.ILE-RPG 
IV,  CL/400,  SQL/400,  MAPICS, 
Query/400  and  DB2/400, Lotus 
Notes,  PeopleSoft  HR/Finan- 
cials,  BAAN  ERP,  BAAN  tools, 
SAP  R/3  and  ABAP/4,  Web 
Technologies  like  Java,  J2EE, 
JDBC/ODBC,  Websphere,  MQ 
Series,  EJB,  C/C++,  Visual 
C++(MFC),  Embeded  Systems, 
Win32  API,  Visual  Basic  6.0,  ATL 
COM/DCOM  (MTS2.0),  CORBA, 
Tuxedo,  Net  Webservices,  Cold 
Fusion,  CFMX,  Datawarehous¬ 
ing  Informatics  and  Datastage. 
SAS  8,  WinRunner  6.0,  Silk, 
Load  Runner,  Rational  Suite, 
SQA  Suite. 

DBA’s  must  have  experience  in 
installation,  migration,  moving, 
setup,  monitoring  and  trouble 
shooting  of  various  database 
applications.  May  require  travel 
to  client  sites.  Software  Engineer 
$78,000  &  up;  DBA:  $60,000  and 
up.  Mail  resume  to  CRG  Inc, 
1087  Elm  Street,  Suite#  501. 
Manchester  NH  03101. 


Software  Engineer:  For  propri¬ 
etary  trading  firm,  design  &  de¬ 
velop  trading  support  applica¬ 
tions  for  various  equities  &  deriv¬ 
atives  securities;  participate  in 
all  phases  of  software  develop¬ 
ment  from  initial  req's  through 
final  quality  assurance  &  imple¬ 
mentation;  design  &  develop 
client  components  for  system; 
design  &  implement  robust  &  re¬ 
usable  source  code;  monitor  live 
trading  strategies  &  work  w / 
traders  &  quantitative  research¬ 
ers  to  develop,  back  test  &  im¬ 
plement  new  strategies.  Req's: 
Bachelor's  or  equivalent  in 
Comp  Sci,  Eng  or  a  related  field. 

5  yrs  exp  in  job  offered  or  5  yrs 
software  development  exp.  Exp 
must  include  software  architec¬ 
ture  &  project  mngmt.  Exp  in 
market  data,  statistical  arbitrage 

6  developing  real-time  trading 
sys  interfaces,  including  ITCH, 
OUCH,  FIX  &  CTCI.  Prof  in  C++, 
MFC,  COM,  DCOM,  Windows 
NT/2000/XP,  UNIX,  C#.NET, 
VB.NET,  PL/SQL,  ODBC,  TCP/ 
IP,  ADO,  OLEDB,  Socket  &  RPC 
programming.  Knowledge  of 
Connectivity  to  Exchanges, 
Equity/Derivatives  Trading  & 
Middle  Office/Back  Office.  40hrs 
/wk.  Send  res.  to  box  D-10,  P.O. 
Box  17182,  Phila.,  PA  19105. 


DATABASE  ENGINEER 
-  Aid  w /  design  and 
dvpmt.  of  databases  for 
media  telecomm,  prods. 
Req'd:  Masters  in  Mgmt. 
Info.  Sys.  Or  CS, 
Fluency  in  Turkish. 
Resumes:  Mezun.com 
Inc.  3500  Boston  Street, 
Baltimore,  MD  21224. 
Attn:  L.  Heron,  Jr. 


Data  Acquisition  Developer  Sr.  - 
Large  bank  holding  company, 
headquartered  in  Tennessee 
seeks  experienced  data  acquisi¬ 
tion  developer.  Primary  respon¬ 
sibility  is  ensuring  the  currency, 
quality,  and  integrity  of  the  data 
loaded  from  sourced  systems 
into  the  data  warehouse.  The 
implementation  of  business 
rules  associated  with  the  publi¬ 
cation  of  business  intelligence 
data  in  the  data  warehouse  is  a 
primary  focus  of  this  position. 
The  Data  Acquisition  Developer 
will  enhance  modify  and/or 
change  data  published  in  the 
data  warehouse  (DW)  from 
front-end  system  providing  con¬ 
sistency  and  synchronization 
across  all  platforms.  Should 
have  experience  using  Ablnitio 
or  other  equivalent  ETL  tools  in 
a  UNIX  environment.  Experi¬ 
ence  in  integrating  metadata 
repositories  into  the  ETL 
process. 

Must  demonstrate  expertise  in 
UNIX  scripting  and  automated 
load  scheduling  to  meet  data 
warehouse  service  level  agree¬ 
ments.  Experience  in  the  Abln¬ 
itio  Co-Operating  Environment, 
Ablnitio  Re-Source  Control, 
Ablnitio  Data  Profiling,  DQ 
Component  Development  and 
working  knowledge  of  Enterprise 
Metadata  Environment.  Should 
have  working  knowledge  of 
Teradata  Utilities  like  BTEQ, 
MLOAD,  FASTLOAD,  etc. 
Minimum  educational  require¬ 
ments  include  the  following: 
Bachelor’s  degree  in  Computer 
Science  or  equivalent  education 
and  exp.  5+  years  in  systems 
development,  databases,  or 
other  related  areas.  Solid  knowl¬ 
edge  with  line  of  business  (LOB) 
legacy  systems.  Proficiency  with 
data  cleansing  and  extraction 
tools.  Strong  knowledge  and 
understanding  of  one  or  more 
database  management  sys¬ 
tems.  Strong  Analytical  and 
problem  solving  skills.  Excellent 
project  management  skills  in  the 
areas  of  planning  and  monitor¬ 
ing  projects.  Rewards  commen¬ 
surate  with  experience  and  at 
least  equal  to  the  minimum  pre¬ 
vailing  wage  for  a  40-hour  week. 
Standard  benefits  package 
available.  Only  persons  with 
authorization  to  work  in  the  U.S. 
need  to  apply.  EEO.  Submit 
resume  and  three  references  to: 
Shelly  Muhammad 
Sr.  Corporate  Paralegal  j 

Union  Planters  Corporation 
7130  Goodlett  Farms  Pkwy. 
Cordova,  TN  38016 


Senior  Database  Administrator  - 
Maintain  multiple  Oracle  Applica¬ 
tions  environments.  Accept  and 
approve  database  design,  partic¬ 
ipate  and  agree  on  Oracle  Appli¬ 
cations  database  acquisitions, 
perform  or  check  sizing  results, 
acquire  requisite  system  soft¬ 
ware  and  system/storage  devic¬ 
es.  perform  data  change  control, 
install  upgrading  database  soft¬ 
ware,  implement  production,  test 
and  staging  databases.  Maintain 
dictionary  or  repository.  Assist 
operations  staff  in  setup  of  re¬ 
quired  operations  environment 
for  running  the  system.  Assist  in 
provision  of  agreed  service  lev¬ 
els  to  the  user/business,  monitor 
the  system  (derive  statistics  for 
usage,  performance,  problems, 
utilization,  etc).  Ensure  integrity 
of  data  in  database  per  defined 
database  constraints  and  help 
maintain  and  define  constraints 
with  active  participation  from 
development  groups.  Implement 
disaster  recovery  and  report  ar¬ 
chitecture  procedures  and  solu¬ 
tions.  Administer  and  implement 
security  integrity  controls.  Main¬ 
tain,  follow  and  adhere  to  poli¬ 
cies,  procedures  and  standards 
relating  to  database  manage¬ 
ment.  Requirements  include  a 
Master's  degree  or  equivalent  in 
Computer  Science,  an  Engineer¬ 
ing  discipline  or  closely  related 
field  and  six  years  of  work  expe¬ 
rience  in  the  job  offered  or  relat¬ 
ed  field  of  database  administra¬ 
tion  within  an  Oracle  Applications 
environment.  Applicants  must 
have  unrestricted  authorization 
to  work  in  the  United  States.  Sal¬ 
ary  $ 105,000/year.  40  hours/wk. 
Respond  with  two  copies  of  res¬ 
ume  to  Case  #200204237,  Labor 
Exchange  Office,  19  Staniford 
St.,  1st  FL,  Boston,  MA  02114. 
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Programmer  Analyst  needed  to 
analyze,  dsgn  &  dvlp  computer 
applies  &  infrastructures  using 
Borland  C++,  STL,  TCP/IP,  ACE 
(Adaptive  Communication  Fram- 
ework)  &  MS  SQL  Server  to  sup¬ 
port  &  enhance  quantitative 
research  &  operations  for  com¬ 
modity  trading  advisor  firm. 
Lead  projects  using  algorithm- 
based  frameworks  for  propri¬ 
etary  computer  s/ware  applies, 
knowl.  of  FIX  Protocol  &  knowl 
of  futures/equities  mkts.  Form 
reqmt  specs  to  dvlp  prgms  using 
structured  object  oriented  analy¬ 
sis  &  dsgn.  Dsgn  &  code  project 
specs  into  reusable  coding  libra¬ 
ries.  Perform  standardized  B&W 
box  (incl.  regression)  testing. 
Analyze  &  enhance  prgms  to 
increase  performance  &  adapt 
to  new  product  reqmts.  Must 
have  Bach/equiv  in  Comp  Engg 
or  Comp  Sci  &  2  yrs  exp  in  job. 
Send  resume  in  dupl  to  H.  Lie, 
1700  Broadway,  39th  FI,  NY,  NY 
10019. 


F/T  Instructional  Technology 
Database  Support  Developer. 
Responsible  for  assisting  faculty 
in  using  available  technology  to 
enhance  teaching  and  learning 
using  Tango  4.5  middleware  and 
Dreamweaver.  Maintain  and 
extend  currently  available  learn¬ 
ing  technologies  and  promote 
their  wide  and  effective  use. 
Design,  create,  develop  and 
maintain  customized  database- 
driven  information  and  decision 
support  systems  and  solutions 
using  4D,  ERDs,  and  Relational 
Database  Management  System. 
Develop  and  maintain  online 
learning  services.  Server  main¬ 
tenance  and  administration. 
Customize  database-driven  sys¬ 
tems  development  using 
Normalization  and  Banner. 
Educational  background  must 
have  included  the  above  refer¬ 
enced  computer  skills.  Must 
have  a  Master's  in  Management 
Information  Systems  or  related 
field.  Competitive.  Send 
resumes  to:  Dr.  Dwight  Call,  GA 
College  &  State  Univ.,  CBX  049, 
Milledgeville,  GA  31061. 


International  Build/Release 
Engineer  wanted  to  design, 
implement  &  maintain  product 
installers,  incl.  InstallShield 
installers  for  French,  Italian, 
German,  Spanish  &  Dutch  prod¬ 
ucts  for  Dragon  Naturally 
Speaking;  resp.  for  automated 
builds  of  all  released  products, 
incl.  maintaining,  forking  & 
archiving  source  code  reposito¬ 
ries;  creating  master  discs; 
implementing  automatic  build 
features;  &  performing  test- 
automation.  Must  have  Bach, 
deg.  in  Comp.  Sci.,  Eng.  or  relat¬ 
ed  field  &  2  yrs.  exper.  with 
product  installation,  incl.  at  least 
1  yr.  exper.  with  InstallShield,  & 
knowledge  of  object  oriented 
programming  languages  such 
as  C++,  Java  or  Python.  Salary 
$65,000/yr.  Send  2  resumes  to 
Case  #200204238,  Division  of 
Career  Services,  Labor 
Certification  Unit,  19  Staniford 
St.,  1st.  fl„  Boston,  MA  02114. 


Computer  Programmer,  Numeri¬ 
cal  Control.  Dvlp  prgm  to  control 
machining  &  processing  by  au¬ 
tomatic  tools,  eqpmt  &  systems; 
prep  flowcharts,  write  modules, 
test  &  revise  prgm  to  encode  or 
correct  machine  instructions 
using  simulation,  modeling, 
embedded  &  Real-Time  s/ware 
architecture  &  dvlpmt  skills  in 
networked  envrmt.  Reqs  Mas¬ 
ters  or  equiv  in  Comp  Sci,  Info 
Systems,  Electrical,  Electronics, 
Mechanical  or  related  field  of 
Engg.  40hr/wk,  8a-5p.  Resume: 
Anniston  Pump  Shop,  Inc,  2800 
US  Hwy  431  North,  Anniston,  AL 
36206. 


Web  Developer  to  develop, 
modify  and  implement  web- 
based  information  systems  to 
ensure  secure  access  to  sensi¬ 
tive  information  by  end  users. 
Develops  queries,  stored  proce¬ 
dures  for  manipulation  and  inte¬ 
gration  of  large  datasets.  Devel¬ 
ops  scripts/programs  to  convert 
data  into  a  format  to  be  easily 
loaded  into  database.  Develops 
real  time  on-line  management 
reports  for  internal  and  external 
users.  Uses  ASP,  IIS  4.0,  HTML, 
XML,  COM,  ADO,  JavaScript, 
VBScript,  Visual  Basic,  SQL 
Plus  or  SQL  Query  Analyzer, 
Windows  Scripting  Host  in  Win¬ 
dows  NT  Operating  System  in 
performance  of  duties.  Requires 
Bachelor's  Degree  in  Computer 
Science,  Information  Systems, 
or  Information  Decision  Science. 
Also  requires  one  year  direct 
experience  in  the  job  offered 
position.  Send  resumes  only,  no 
calls  to:  Craig  Odegaard,  Direc¬ 
tor  of  Information  Technology, 
PayNet,  Inc.,  5750  Old  Orchard 
Road,  Ste  510,  Skokie,  IL 
60077. 


Systems  Application  Engineer: 
Will  define  product  features, 
detailing  product  requirements 
for  company’s  SONET/SDH 
Framer  and  Mappers.  Will  inter¬ 
act  with  strategic  customers  and 
other  industry  leasers  on  sys¬ 
tems  architectures  and  protocols 
and  define  the  current  and  next 
generation  of  products.  Resp¬ 
onsible  for  digital  hardware 
design  and  architecture  of  digital 
systems.  Requires:  Bachelor  of 
Science  degree  in  Electrical/ 
Computer  Engineering  or  equiv¬ 
alent.  Must  have  knowledge  of 
SONET/SDH  and  Viewlogic. 
Demonstrated  ability  to  test, 
debug  and  characterization  of 
test  platforms  and  ASICs  with 
SONET/SDH  instrumentation. 
40hrs/wk  (9:00  a.m.  to  5:00 
p.m.)  $80,000.00/yr.  Send  two 
resumes/responses  to:  Case 
Number  200204211,  Labor 
Exchange  Office,  19  Staniford 
Street,  1st  Floor,  Boston,  MA 
02114 


Integrated  Software  Solutions, 
Inc.,  a  rapidly  growing  IT  con¬ 
sulting  Co  has  permanent  posi¬ 
tions  open  for  Computer  Soft¬ 
ware  Professionals  w/BS  or 
equiv  deg  &  exp  in  one  of  the  fol¬ 
lowing  skills  or  in  a  combination 
thereof: 

'Administration  -  Windows  NT/ 
2000/Unix 

*  Oracle  Developer  -  SQL/PU 
SQL/Developer  2000 

*  DBA  -  Oracle/Sybase 

*  C,  C++,  Visual  Basic,  J2EE, 
ASP 

*  PeopleSoft  -  and  Related 
PeopleSoft  Tools 

'  SAP  R/3  -  and  Related  Tools 
'  Main  Frames-DB2,  CICS,  JCL, 
TSOP 

'  QA  Testing-WinRunner/Load- 
Runner/Silk  Rational  Suite/Test 
Director 

ISS,  Inc.,  provides  a  competitive 
salary  &  benefits.  Applicants 
must  be  willing  to  relocate/travel 
to  various  unanticipated  Iocs 
throughout  US.  Send  resume  to: 
HR  Dept.,  ISS,  Inc.,  855  E.  Golf 
Rd..  #2145,  Arlington  Heights,  IL 
60005  OR  email  to  resumes@ 
issinc-usa.com. 


Libsys,  Inc. 

Programmer  Analysts 

Bachelor  degree  in  computer 
science  or  related  field  with 
2years  experience  in  any  5  of 
the  following:  WebLogic,  IIS, 
C++,  VC++,  Redhat  Linux,  AIX, 
HomeSite,  Forte,  Bugzilla,  Mer- 
ant  ,PVCS,  XSD,  RMI,  Oracle, 
etroguard,  Cyber  Source  DODS, 
kelp,  Seagate  Crystal  Reports, 
Cisco  Call  Manager,  Interaction 
Center,  VoIP,  NACT,  Informix, 
Exceleron,  Cisco  Router/VG- 
200,  STX  Switch,  Cisco  IP 
Phone  7940. 

Send  Resume  to: 

Jobs@Libsyslnc.com 


Technology-consulting  firm  in  Wl 
has  mult.  IT  pos  around  country 
w/exp  in  1  or  more  (depending 
on  need)  of  follwg  skills: 
WebMethods  Integration  Server, 
WebMethods  Trading  Networks, 
WebMethods  Enterprise  Server, 
IBM  MQSeries,  IBM  Assembler, 
IBM  WebSphere,  Mainframes, 
CICS,  DB2,  COBOL,  Unix,  Sun 
Solaris,  Win,  C/C++,  Visual  C++, 
VB,  Power  Builder,  Dsgnr  2000, 
Dvlpr  2000,  Oracle,  Oracle 
Applic,  SQL  Server,  MS  Access, 
SQL,  SQL  Plus,  PL/SQL,  Data 
warehousing  Tools,  HTML, 
DHTML,  XML,  TCP/IP,  Peri, 
JSP,  Weblogic,  Java,  Java 
Script,  VB  Script,  ASP,  Clarify, 
Documentum,  CoreDossierX, 
Rational  Rose,  Testing  tools  & 
QA  methodologies.  Rel  edu  & 
exp  reqd.  Relocation  may  be 
nec.  for  most  jobs.  Resume: 
Exec  Search,  Inc.,  C/O  ISS, 
1300  Bent  Creek  Blvd,  Ste.  200, 
Mechanicsburg,  PA  17050. 


SOFTWARE  ENGINEER  to  de¬ 
sign,  develop,  test,  enhance 
and  maintain  web-based  and 
client/server  application  soft¬ 
ware  for  the  insurance  industry 
using  C,  C++,  Java,  Java  Script, 
Oracle,  JDBC,  J2EE,  JSP, 
Servlets,  EJB,  TCP/IP  and  UML 
under  Windows  95/98/200/NT/ 
XP,  DOS  and  UNIX  operating 
systems.  Requires:  M.S.  De¬ 
gree  in  Computer/Information 
Science,  an  Engineering  disci¬ 
pline,  or  a  closely  related  field 
with  two  years  of  experience  in 
the  job  offered;  Experience 
gained  before  or  after  earning 
the  M.S.  degree  will  be  accept¬ 
ed;  Competitive  salary  offered. 
Send  resume  to:  Infinity  Insur¬ 
ance  Company,  P.O.  Box  444, 
Birmingham,  AL  35209;  Fax  at 
205-803-8406;  or  E-mail  at: 
Jobs@lnfinity-lnsurance.com; 
Attn:  Job  CM. 


Business  Application  Ana¬ 
lyst.  Design  business  apps. 
&  provide  support  for  stand¬ 
alone  &  LAN  PC  users  & 
VOALA/System  Administra¬ 
tors.  Maintain  servers,  ac¬ 
counting  app,  software/sys¬ 
tem  &  accounting  data.  Req; 
Bachelor's  in  Business  Ad¬ 
ministration  w /  courses  in 
Info.  Sys.  40hrs/wk.  Job/ 
Interview  Site:  LA,  CA.  Send 
resume  to  Volunteers  of 
America  Los  Angeles  @ 
3600  Wilshire  Blvd.,  #1500, 
LA,  CA  90010. 


IT  professionals  (programmers/ 
system  analysts,  software  engi¬ 
neers)  wanted  by  Advanced 
Technology  Group  to  design 
applications  using  Java,  Oracle, 
SQL,  HTML,  WebLogic,  JSP, 
VB,  EJB,  etc.  Min.  requirement 
is  BS/MS  with  exp.  Please  send 
resume  to  info@atousainc.com. 
EOE 

Morrisett  Associates  is  a  small 
professional  web/software  des¬ 
ign  company.  It  has  openings  for 
Web  Developers,  IT  Profession¬ 
als  for  Web  development  using 
ASP  (VBScript  and  JavaScript). 
Must  have  BS/MS  with  exp  uing 
ASP,  ASP.Net,  VB.Net.  Contact 
morrisett@midwestcvber.com. 

EOE 


Programmer/Applications  Dev¬ 
eloper  (Provo,  UT):  Design/dev¬ 
elop  applications  based  on  con¬ 
sultation  with  systems  analysts 
and  other  programmers.  Con¬ 
vert  designs  and  specifications 
into  computer  code.  Program 
projects  using  XSLT;  integrate 
Web /  Database;  program  in 
Cold  Fusion,  Oracle,  and  JSP. 
J2EE,  Apache,  MySQL,  Postgre 
SQL,  Tomcat  &  Linux;  4  year  CS 
Degree;  $42,000  per  year.  Send 
applications  to  Aaron  Alder 
job0034@power-glide.com, 
Power  Glide  1682  W  820  North, 
Provo,  Utah  84601.  Applications 
accepted  from  April  20,2004 
through  May  20,2004. 
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The  World  Of  Work  Is  Changing 
Every  Week. 


Search  for  jobs  and  post  your 
resume  here  on: 
www.itcareers.com 


or  call  (800)  762-2977 


Luckily,  We  Are  Too! 

itcareers.com  is  now  powered 
by  CareerJ  ournal.com ! 


Energy/Finance  Analysts  need¬ 
ed.  Seeking  candidates  pos¬ 
sessing  MS  or  equiv.  and  rel 
work  exp.  Duties  include:  Plan 
and  coordinate  activities  to 
improve  operating  efficiency  of 
electric  power  systems.  Exp. 
must  include  3  years  analyzing 
utility  operations  economically 
and  financially  and  analyzing 
regulatory  approaches  used  to 
regulate  electricity  markets  in¬ 
ternationally.  Mail  resume,  refs 
and  salary  reqs  to:  Customized 
Energy  Solutions,  Ltd.,  215  S. 
Broad  Street,  Philadelphia,  PA 
19107. 


C  G  Maersk  USA,  Inc.  provides 
cutting  edge  IT  services  to 
clients  all  over  the  world  &  has 
exciting  job  opportunities  for 
1.SW  Engrs  with  MS  in  CS  or 
related  field,  2.Prog.  Analysts 
with  BS  in  CS,EE  or  other 
eng'rng  degree,  3. Program¬ 
mers  with  min.  BS  in  CS,  EE  or 
related  field  with  varying  levels 
of  experience  to  work  at  vari¬ 
ous  locations  in  the  U.S.  Com¬ 
petitive  compensation  and  ben¬ 
efits.  Pis  send  applications  to: 
C  G  Maersk  USA,  Inc.,  386  N. 
Wabasha  St,  Ste  1500,  St. 
Paul,  MN  -  55102.  E  O  E 


Corpus.  Inc.  has  multiple  open¬ 
ings  for  IT  professionals  to 
design  and  develop  applications 
using  Oracle,  SQL,  PL/SQL. 
COBOL,  C/C++,  VB,  Java,  XML 
ERP,  ASP,  NT,  XSL.  Min  BS 
degree.  Traveling  is  required  for 
some  positions.  Please  send 
resumes  to  resumes@corouslnc 
.com.  EOE. 

Hexium,  Inc.  is  a  new  IT  compa¬ 
ny.  It  has  openings  for  software 
engineers,  web  developers,  sys¬ 
tem  analysts.  Qualified  candi¬ 
dates  must  have  BS  with  sub¬ 
stantial  experience  in  ASP.Net, 
SQL.  Travel  may  be  required. 
Please  apply  at  humanrasnnm 
es@hexiuminc.com  EOE.  No 
calls. 


Programmers,  Software  Engin¬ 
eers  &  DBAs:  Analyze,  design, 
develop,  test  apps.  in  (A) 
Microsoft.Net  tech,  Oracle/SQL 
Server/Sybase  suites,  Java 
suite,  Weblogic,  Apache, 
COBOL;  (B)  Documentum,  ATG 
Dynamo,  Weblogic,  Java/ 
Oracle  suites  and  internet  secu- 
rity/e-commerce  analysis  (C) 
Design,  administer  and  main¬ 
tain  databases  in  Sybase/SQL 
Server  and  Oracle.  Please 
respond  to  Attn:  Vipul  Goel, 
NetAppI,  Inc.,  2415  San  Ramon 
Valley  Blvd.,  Suite  4140,  San 
Ramon,  CA  94583.  EOE 


Computer  Programmer  II  need¬ 
ed  in  Orem,  Utah  to  enhance, 
integrate  and  develop  new  pro¬ 
jects.  Will  provide  expert  level 
delivery  of  custom  applications 
utilizing  various  technologies 
and  methods  (i.e.  Java,  Delphi 
PHP,  JavaScript.  C,  XMUXSL 
and  UNIX/LINUX  shell  script¬ 
ing).  B.S.  in  Computer  Science 
or  related  field  required.  Also 
requires:  1.  Specialized  knowl¬ 
edge  in  object-oriented  pro¬ 
gramming  in  PHP,  Delphi  and 
JAVA  and  database  experience 
in  MySQL,  Advantage  Database 
Systems  and  SQL-SERVER.  2. 
Demonstrable  ability  to  perform 
extensive  web  database  design 
and  programming;  3.  Requires 
travel  nationally  and  internation¬ 
ally.  4.  U.S.  employment  autho¬ 
rization.  For  full  listing  of  job 
duties,  requirements  and  appli¬ 
cation  procedure  go  to 
JobADSUSA.com  job  order 
230774  or  call  (801)  379-4011. 


Developer/Support/Quantitative 
Analyst  sought  by  Knight  Trad¬ 
ing  Group  for  Santa  Clara,  CA 
office.  Candidate  must  possess 
Master's  degree  in  Computer 
Science  or  directly  related  field 
and  18  months  experience  in 
software  development,  design 
and  analysis.  Must  have  experi¬ 
ence  in  developing  large  high- 
performance  and  highly  scalable 
software  systems  and  skills  and 
experience  in  C,  C++,  JAVA, 
JSP,  J2EE,  Perl,  SQL,  ORACLE 
database,  UNIX,  Windows.  Re¬ 
spond  to;  Human  Resources 
Dept.  891-TJXLL,  525  Washing¬ 
ton  Blvd.,  Jersey  City,  NJ  07310. 


Information  Systems  Analyst 
wanted  by  Real  Estate 
Brokerage  in  IL  to  coord 
activities  in  such  fields  as 
electronic  data  processing, 
info  systms,  systms  analysis 
&  comp  prgmg.  Must  have 
Bach  or  its  equiv  in  Info 
Systms/Comp  Sci  &  1  yr  exp 
in  job  offd  or  related  position 
in  Systms  Analysis/Prgmg. 
Respond  to  Mr.  P.  Brown, 
Oxford  Falconridge  & 
Pensby  Realty,  Inc.,  40  Du 
Page  Ct.,  Ste  410,  Elgin,  IL 
60120.  No  calls. 


Sr.  Software  Consultant  sought 
by  s/ware  dvlpmt  co.  for  Kansas 
City,  KS  office  to  dsgn  &  dvlp 
custom  based  web,  d/base  & 
desktop  applies.  Dvlp  thru  full 
s/ware  dvlpmt  lifecycle  for 
assuring  timeliness,  cost-effec¬ 
tiveness  &  overall  qlty  of  deliv¬ 
erables.  Bach  in  Comp  Sci, 
Engg  or  related  field  +  4  yrs 
profl  exp  &  6  mos  exp  w/VB, 
ASP,  SQL  Server,  ORCAD/ 
PCAD/PADS2000  &  Oracle. 
Send  resume  to:  FNSTAR,  Inc, 
12009  Horton  #66,  Overland 
Park,  KS  66209;  email: 
jobs@fnstar.com. 


IT  Education  &  Training  Directory 


Contact  the  companies  listed  below 
to  help  you  with  your  training  needs! 


. 


m 


To  place  your  ad  please  call  800-762-2977 

_  _  .  ■  -jyifll 


IPexpert,  Inc. 

(866)  225-8064 

www.ipexpert.com 

CCIE  (R&S,  SEC,  and  C&S),  CCSP, 

CCNP,  CCNA,  IP  Telephony 


L 


CBT  Nuggets 

(888)  507-6283  &  (541)  284-5522 
www.cbtnuggets.com 
Affordable  training  videos  on  CD 
MCSE,  MCDBA,  MCSD,  CCNA, 
Citrix,  Linux,  A+,  Net  + 
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SENIOR  SOFTWARE 
ENGINEER  -  WESTFORD,  MA. 
Lead  design,  development,  de¬ 
bugging  and  unit  testing  of  soft¬ 
ware  telecommunications  call 
processing  and  switching  fea¬ 
tures  using  ATM  (Asynchronous 
Transfer  Mode).  Frame  Relay, 
SS7,  and  ISDN  (Integrated  Ser¬ 
vices  Digital  Network)  protocols 
for  widely-deployed,  real-time  sy¬ 
stems.  Prepare  design  and  fun¬ 
ctional  specification  documents 
and  unit  test  plans.  Validate  tech¬ 
nical  features  in  isolation  and  as 
part  of  larger  network  switching 
system.  Participate  in  technical 
discussions,  including  review 
and  inspection  of  design  and 
functional  specification  docu¬ 
ments  and  code  modifications. 
Identify,  investigate,  analyze  and 
debug  defects  reported  internally 
and  by  customers.  Responsible 
for  training  engineers  at  interna¬ 
tional  affiliates  as  part  of  technol¬ 
ogy  and  know-how  transfer.  Re¬ 
quires  a  Master's  degree  in 
Comp.  Sci.,  Elec.  Eng.,  Comp. 
Eng.,  Telecom.  Eng.,  or  related 
field,  and  1  year  of  exp  in  job  of¬ 
fered  or  1  year  of  exp  as  Network 
or  Telecom  Engr.,  or  related. 
Employer  will  accept  Bachelor's 
degree  in  Comp.  Sci,  Elec.  Eng., 
Comp.  Eng.,  Telecom.  Eng.  or 
related  field  plus  five  years  of 
progressive  experience  in  the 
specialty  as  equivalent.  The  1 
year  of  exp  must  involve  soft¬ 
ware  design  and  development 
for  telecommunications  call  pro¬ 
cessing  and  switching  features 
using  ATM,  Frame  Relay,  SS7, 
and  ISDN  protocols.  40  hrs/wk, 
8:00  am  -  5:00  pm,  Salary: 
$91, 560/year.  Please  send  two 
(2)  resumes  to:  Case# 
200203885,  Division  of  Career 
Services,  Labor  Certification 
Unit,  19  Stamford  Street,  1st 
floor,  Boston,  MA  02114. 


Computer  Programmer.  Job  lo¬ 
cation:  Buffalo,  NY.  Duties:  De¬ 
sign,  develop  &  maintain  intranet 
websites  using  ASP,  Coldfusion, 
SQL  SQL  Server  and/or  MS 
Access.  Develop  appls.  using 
Visual  Basic  &  create  or  modify 
reports  based  on  user  needs  in 
Crystal  Reports.  Move  intranet 
websites  from  develop,  to  prod. 
Interface  w/database  admin., 
web  users  &  IS  helpdesk  to 
solve  system  problems.  Re¬ 
quires:  B.S.  (or  foreign  equiv.)  in 
Comp.  Sci.,  Eng.  or  a  related 
field  &  2  yrs.  exp.  in  the  job 
offered  or  2  yrs.  exp.  as  a  Prog./ 
Analyst  or  Prog.  Concurrent 
exp.  must  incl.  2  yrs.  exp.  devel¬ 
oping  appls.  using  Visual  Basic 
&  6  mths.  exp.  using  ASP.  Mail 
resume  (no  calls)  to:  Shannon 
O'Brien,  CTG,  Inc.,  700 
Delaware  Ave.,  Buffalo,  NY 
14209-2094. 


COMPUTER/IT 

Software  Engineer.  Requires  a 
Bachelor's  degree  (or  equiva¬ 
lent)  in  Information  &  Decision 
Systems  or  a  related  field.  Must 
have  3  years  of  experience  in 
the  job  offered  or  3  years  of  ex¬ 
perience  developing  commercial 
customer  care  &  billing  applica¬ 
tions  for  the  pay  media  market. 
Stated  experience  must  also 
include  2  years  of  experience 
developing,  designing  and  de¬ 
bugging  core  components  of  IBS 
n-tier  customer  care  and  billing 
applications.  40  hrs/wk.  Send 
resume  to  L.  Tyler,  Entriq  Inc., 
1900  Wright  Place,  Carlsbad, 
CA  92008. 


PROGRAMMER/ANALYST  to 
analyze,  design,  develop,  test 
and  implement  application  soft¬ 
ware  using  C,  Visual  Basic,  ASP, 
Perl.  SQL,  HTML,  OOP  and 
SQL  Server  on  UNIX  and  Win¬ 
dows  platforms.  Require:  B.S. 
degree  (or  completion  of  all 
coursework)  in  Computer  Sci¬ 
ence,  Mathematics,  or  a  closely 
related  field  with  two  years  of 
experience  in  the  job  offered  or 
as  a  Programmer.  Competitive 
salary  offered.  Apply  by  resume 
to:  Frank  Beaman,  Global 
Software  Development  Servic¬ 
es,  Inc.,  10  South  Fifth  St.,  Suite 
700,  Minneapolis,  MN  55402, 
Attn:  Job  SB. 


Computer  Support  Specialist. 
Job  location:  Rochester,  NY. 
Duties:  Provide  tech,  assist,  on 
oper.  of  AS400  oper.  system. 
Resolve  computer  problems  for 
clients  in  person,  over  the  web 
or  via  telephone  &  provide  as¬ 
sist.  concerning  the  use  of  com¬ 
puter  hardware  &  software. 
Identify  user  problems,  answer 
system  messages  &  help  desk 
calls  for  end  users  &  provide 
problem  solving  services.  Re¬ 
quires:  B.S.  in  Comp.  Sci.,  Eng. 
or  a  related  field.  Coursework 
must  incl.  classes  in:  Visual  Pro¬ 
gramming,  Data  Comm.  &  Com¬ 
puter  Networks  &  Network  Ad¬ 
min.  Mail  resume  (no  calls)  to: 
Angela  Koehler,  CTG,  Inc.,  30  N. 
Union  St.,  Ste.  201,  Rochester, 
NY  14607-1345. 


Software  engineer  to  design,  de¬ 
velop  and  test  computer  pro¬ 
grams  for  business  applications; 
analyze  software  requirements 
to  determine  feasibility  of  des¬ 
ign;  direct  software  system  test¬ 
ing  procedures  using  expertise 
inASP.NET,  ADO,  IIS,  SQL,  Em- 
pirix,  LoadRunner  and  WinRun- 
ner.  Requirements:  Bachelor's 
Degree,  educational  or  function¬ 
al  (3  years  experienced  year 
college)  equivalent,  in  Computer 
Science  or  related  field  and  one 
year  experience  as  a  software 
engineer  or  computer  program¬ 
mer,  knowledge  of  ASP.NET, 
ADO,  IIS,  SQL,  Empirix,  Load- 
Runner  and  WinRunner.  Salary: 
$70, 242/year.  Working  Condi¬ 
tions:  8:00  A.M.  to  5:00  P.M.,  40 
hours/week,  involves  extensive 
travel  and  frequent  relocation. 
Apply:  Site  Administrator, 

Greene  County  Career  Link,  4 
West  High  Street,  Waynesburg, 
PA  15370,  Job  No.  WEB410238. 


GCP,  Inc.:  IT  firm  seeks  Multi 
SW  Eng'rs.  positions  for  the  fol¬ 
lowing  projects: 

REF#FX005:  Business  Systems 
Appls:  must  have  exp.  in  devel¬ 
oping  appls  using  Ultimus,  ASP, 
JavaScript,  XML,  MS  Access  & 
MS  SQL  Server. 

REF#FX006:  GUI  Appls:  must 
have  exp.  in  Java,  Tel,  Jacl,  Tel 
Blend,  Frontier  JDO. 

Must  include  on  resume  the  job 
ref  #  that  you  are  applying. 
Applicants  must  have  a  MS  in 
CS,  Eng'g  or  Applied  Sci.  rel. 
plus  2  yrs.  exp.  sys  analysis/ 
prog’g  rel.  exp.  Will  consider  BS 
&  5  yrs  exp  as  equiv.  FT.  Jobsite: 
Cranston,  Rl,  may  change  to 
other  job  sites  throughout  US  as 
req.  Send  resume  to  GCP,  4451 
Brookfield  Corporate  Drive, 
Suite  117,  Chantilly,  VA  20151. 
Legal  right  to  work  in  the  US 
must  be  stated. 


Computer  Professional  (Multiple 
Openings)  W/exp  in  one  or  more 
of  the  following: 

C/C++,  JAVA,  Power  Builder, 
Visual  Basic,  Oracle,  Developer 
2000,  Sybase,  Windows,  Unix 
Admin,  People  Soft,  SQL  Server, 
SAP,  Oracle  Financials,  Cobol, 
Db2,  Cics,  MVS,  JCL,  AS/400 
Lucrative  compensation.  Please 
E-mail  your  Resumes  to  the  fol¬ 
lowing  address: 

INFO@ADVANSOFTUSA.COM 

Attn.  HR  Department 
AdvanSoft  Worldwide,  Inc. 

2255  Lois  Dr.,  Suite  #9 
Rolling  Meadows,  IL  60008 
Visit 

WWW.ADVANSOFTUSA.COM 
For  More  Details 


SENIOR  SOFTWARE  ENGI¬ 
NEER  to  design,  develop,  main¬ 
tain  and  test  custom  applica¬ 
tions  using  Sybase,  Power 
Builder,  PFC,  Visual  Basic,  ASP, 
Java,  J2EE,  JSP,  VB.NET, 
C#.NET,  ASP.NET,  Oracle,  MS 
SQL  Server  and  Actuate  e- 
Reporting  tools  on  Windows 
platform;  Mentor  junior  program¬ 
mers  and  engineers.  Require: 
B.S.  degree  in  Computer 
Science,  an  Engineering  disci¬ 
pline,  or  a  closely  related  field 
with  5  yrs  of  exp  in  the  job 
offered  or  as  a  Programmer/ 
Analyst  or  Programmer.  Comp¬ 
etitive  salary  offered.  Apply  by 
resume  to:  Bhavin  Kusal, 
Popular  Tech,  250  Parkway  Dr., 
Ste.  150,  Lincolnshire,  IL  60069- 
4340;  Attn:  Job  SK. 


IT  Professionals  needed  for  IT 
development  and  consulting  firm 
headquartered  in  the  Atlanta  re¬ 
gion  but  with  offices  and  projects 
for  clients  located  throughout  the 
U.S.  Muitipie  positions  open.  The 
positions  open  are  for  client  ser¬ 
ver  and  web-based  developers. 
Some  of  the  skill  sets  needed 
immediately  include: 

•  Clarion,  ASP,  ASP. Net,  MS 
Exchanqe 

•  EJB,  J2EE,  Javascript,  XML. 
Web  Services,  Oracle 

•  J2EE,  Web  Logic,  XML, 

VXML,  XSL 

All  positions  require  a  B.S. 
degree  in  either  computer  sci¬ 
ence,  math,  engineering,  or  busi¬ 
ness.  Competitive  salary  is 
offered.  Experience  required 
varies  from  1-5  yrs.  exp.  in  skills 
identified  above.  If  interested, 
please  send  resume  to: 
adjobs@mdicareers.com 


Software  engineer  to  design, 
develop  and  test  computer  pro¬ 
grams  for  business  applications; 
analyze  software  requirements 
to  determine  feasibility  of  des¬ 
ign;  direct  software  system  test¬ 
ing  procedures  using  expertise 
in  J2EE,  EJB,  JAXP,  JMX,  Orac¬ 
le  and  Servlets.  Requirements: 
Bachelor's  Degree  or  equivalent 
in  Computer  Science  or  related 
field  and  two  years  experience 
as  a  software  engineer  or  com¬ 
puter  programmer,  knowledge  of 
J2EE,  EJB,  JAXP,  JMX,  Oracle 
and  Servlets.  Salary:  $70,242/ 
year.  Working  Conditions:  8:00 
A.M.  to  5:00  P.M.,  40  hours/ 
week,  involves  extensive  travel 
and  frequent  relocation.  Apply: 
BECS/CareerLink  Program  Sup¬ 
ervisor,  Indiana  County  Career 
Link,  300  Indian  Springs  Road, 
Indiana,  PA  15701,  Job  No. 
WEB410242. 


Programmer  Analyst  -  Java: 
Wanted  by  an  IT  consulting  firm 
in  Keene,  NH  to  work  at  various 
client  locations  throughout  USA. 
Respond  to  HRD,  Infowave 
Systems,  39  Central  Square, 
Suite  #201  A,  Keene.  NH  -03431. 
Requires:  Bachelor  Degree  in 
Computer  Science  or  related 
field  and  one  year  experience.  In 
the  alternative  will  accept  appli¬ 
cants  with  three  years  of  univer¬ 
sity  level  education  plus  three 
years  of  experience  performing 
analysis,  development  and  test¬ 
ing  of  enterprise  web  applica¬ 
tions.  Primary  experience  must 
incl  working  with  technologies 
such  as  J2EE,  XML  suite,  BPMS, 
Shell  scripts,  RDBMS  Design, 
Development  and  Tuning,  Mid¬ 
dleware  on  UNIX. 


Computer  Specialist  -  Perform 
computer  programming,  gather 
user  requirements,  and  cus¬ 
tomize  software  in  database 
design.  Conduct  data  modeling 
in  both  front-end  and  back-end 
design  on  MS  Windows  platform 
while  using  allied  Internet  tech¬ 
nologies  including  Asp.net, 
C#.net,  and  XML.  Pays 
$62,323.00/yr.  Requires  M.S.  in 
Computer  Science,  or  M.S.  or 
M.B.A.  with  major  in  Computer 
Information  Systems,  Manage¬ 
ment  Information  Systems,  or 
Information  Technology,  or  Mas¬ 
ter  of  Computer  Applications. 
Requires  2  yrs.  exp.  as  Comput¬ 
er  Specialist  or  2  yrs.  exp.  as 
Programmer,  Programmer-An¬ 
alyst,  Computer  Analyst,  or  Soft¬ 
ware  Engineer.  Send  2  copies  of 
resume/letters  of  application  to: 
Job  Order  #  2004-380,  P.O.  Box 
989,  Concord,  NH  03302-0989. 


Software  engineer  to  design,  de¬ 
velop  and  test  computer  pro¬ 
grams  for  business  applications; 
analyze  software  requirements 
to  determine  feasibility  of  de¬ 
sign;  direct  software  system 
testing  procedures  using  exper¬ 
tise  in  .NET,  EJB,  SQL  Server, 
C#  and  XML.  Requirements: 
Bachelor's  Degree  or  equivalent 
in  Computer  Science  or  related 
field  and  two  years  experience 
as  a  software  engineer  or  com¬ 
puter  programmer,  knowledge  of 
.NET,  EJB,  SQL  Server,  C#  and 
XML.  Salary:  $70, 242/year. 
Working  Conditions:  8:00  A.M. 
to  5:00  P.M.,  40  hours/week,  in¬ 
volves  extensive  travel  and  fre¬ 
quent  relocation.  Apply:  Fayette 
County  CareerLink,  Attn:  Career 
Link  Program  Supervisor,  135 
Waylan  Smith  Drive,  Uniontown, 
PA  15401 ,  Job  No.  WE B4 10227. 


SOFTWARE  ENGINEER, 
SALES  MANAGER, 

AND 

BUSINESS  ANALYST 

Glendale  based  IT  Company 
has  multiple  openings  for 
Software  Engineers, 
Sales  Managers,  and 
Business  Analysts. 
These  positions  may  require 
travel  throughout  the  U.S.  For 
consideration  please  send 
resume  and  salary  history  to: 
Trinus  Corporation 
330  North  Brand  Blvd. 
Suite  324 

Glendale,  CA  91203 


Technical  support  specialist, 
Rome,  Georgia.  Requires  two 
years  experience  and  Microsoft 
Certified  Professional  certificate. 
Maintain,  upgrade  and  provide 
user  administration  of  compiler 
computer  systems.  Create  and 
administer  an  internet  web  site. 
Create  and  control  a  disaster 
recovery  model.  Maintain  and 
monitor  company  internal  and 
external  e-mail  system. 
Interested  please  submit 
resumes  to  Jeffrey  T.  Baker,  Sr. 
at  19  Shorter  Industrial  Blvd., 
Rome,  GA  30165. 


e-lite  companies 

e-merging  companies 

e  -  s  s  e  n  t  i  a  1  companies 

e-normous  opportunities 
www.itcareers  .com 
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Continued  from  page  1 

Sun’s  Plan 

having  given  up  the  title  of 
president  to  former  software 
division  head  Jonathan 
Schwartz  in  a  management 
reshuffle  earlier  this  month, 
McNealy  made  it  clear  that 
he’s  in  charge  and  that  he 
and  Schwartz  are  “joined  at 
the  hip.” 

McNealy  compared  his  lead¬ 
ership  style  to  the  aggressive, 
top-down  approach  of  a  mili¬ 
tary  leader,  pointing  to  former 
U.S.  Army  Gen.  Norman 
Schwarzkopf,  commander  of 
Operation  Desert  Storm,  as  the 
type  of  leader  he  admires.  It’s 
an  apt  comparison:  McNealy  is 
under  the  gun  to  improve  prof¬ 
itability  after  Sun  posted  a  net 
loss  of  $760  million  for  its 
most  recent  quarter  and  cut 
3,300  employees. 

“You  are  going  to  see  a  lot 
of  changes  here,”  McNealy 
promised  his  business  part¬ 
ners,  whose  fortunes  are 
closely  tied  to  Sun’s.  McNealy 
said  that  he’s  focused  on  im¬ 
proving  profitability  and  that 
the  credibility  of  his  vision,  at 
least  on  Wall  Street,  will  rise 
only  if  the  bottom  line  rises  — 
despite  the  fact  that  Sun  has 
$7.5  billion  in  cash. 

“The  opportunity  exists;  the 
execution  will  determine  the 


outcome,”  said  Anna  McDer¬ 
mott,  president  and  CEO  of 
GE  Access,  a  General  Electric 
Co.  subsidiary  that  serves  as  a 
value-added  distributor  for 
about  800  Sun  resellers. 

Technology  on  Track 

Talisen  Technologies,  which 
makes  secure  remote-access 
software,  also  sees  an  oppor¬ 
tunity.  Two  months  ago,  the  St. 
Louis-based  company  become 
a  Sun  partner  and  is  integrat¬ 
ing  its  product  into  the  Java 
Enterprise  System,  a  software 
stack  that  includes  Sun’s  di¬ 
rectory,  application  and  portal 
servers. 

“We  think  the  technology  is 
first-rate,”  said  Jeff  Brandt, 


Talisen’s  director  of  business 
development  for  the  aerospace 
sector.  “The  question  is,  how 
do  you  get  the  message  out?” 

McNealy  said  Sun  isn’t 
changing  its  core  technology 
direction;  for  instance,  it  isn’t 
backing  away  from  its  Ultra- 
Sparc  processors.  In  fact, 
McNealy  said  he  sees  chip 
throughput  improvements  as 
essential  to  enterprise  cus¬ 
tomers  for  emerging  tasks 
such  as  processing  radio  fre¬ 
quency  identification  data 
from  thousands  of  connected 
systems. 

And  Sun  has  no  plans  to 
make  a  fundamental  shift 
to  Linux.  It  will  offer  Linux 
in  its  desktop  systems  and 
on  some  servers,  but  it  in¬ 
tends  to  stick  with  Solaris  for 


Continued  from  page  1 

Internet  Flaws 

to  cause  vulnerable  systems  to 
repeatedly  restart  when  proc¬ 
essing  specific  SNMP  re¬ 
quests,  eventually  leading  to 
DoS  conditions,  Cisco  said. 

The  flaw  is  particularly 
dangerous  because  it  affects  a 
wide  range  of  Cisco’s  routers 
and  switches  and  is  very  easy 
to  exploit,  said  Amit  Yoran, 
director  of  the  U.S.  Depart¬ 
ment  of  Homeland  Security’s 
National  Cyber  Security 
Division. 

“A  freshman  programmer 
can  attack  this  vulnerability 
and  crash  a  router,”  he  said. 

“There’s  very  little  by  way 
of  resources  that  is  needed  to 
mount  an  attack,”  added 
Shawn  Hernan,  a  member  of 
the  technical  staff  at  the  U.S. 
Computer  Emergency  Readi¬ 
ness  Team  (US-CERT). 

“An  ordinary  desktop  is 
more  than  sufficient”  to  take 
advantage  of  the  flaw,  he  said. 
Even  companies  that  other¬ 
wise  follow  security  best  prac¬ 
tices  are  unlikely  to  be  pro¬ 
tected  against  the  flaw  with¬ 
out  the  appropriate  patches  or 
work-arounds,  Hernan  said. 


JONATHAN  SCHWARTZ  may  be 

Sun’s  president,  but  Scott  McNealy 
made  it  clear  that  he’s  still  in 
charge,  saying  he  and  Schwartz 
are  “joined  at  the  hip.” 


mission-critical  systems. 

Solaris  is  what  Jim  Knudsen, 
technical  director  of  Digital 
Technology  International,  a 


But  some  users  appeared  to 
be  less  concerned. 

“I  don’t  think  it’s  a  very  big 
deal,”  said  Jim  Kirby,  senior 
network  engineer  at  Wells’ 
Dairy  Inc.  in  Le  Mars,  Iowa. 
After  reviewing  its  networks, 
the  company  decided  to  hold 
off  on  any  updates  and  work¬ 
arounds  until  the  next  sched¬ 
uled  maintenance  period,  he 
said.  Wells’  already  uses  strong 
access  control  lists  to  block 
traffic  to  SNMP  ports  and  has 
tools  to  monitor  for  network 
abnormalities,  Kirby  added. 

“Another  day,  another  vul¬ 
nerability,”  said  Hugh  Mc¬ 
Arthur,  information  security 
officer  at  Online  Resources 
Corp.,  an  online  bill-process¬ 
ing  company  in  McLean,  Va. 

By  Thursday,  Online  Re¬ 
sources  had  reviewed,  tested 
and  begun  deploying  Cisco’s 
updates.  However,  its  risks  are 
minimal  because  the  compa¬ 
ny’s  use  of  SNMP  is  minimal, 
according  to  McArthur. 

TCP  Flaw 

Meanwhile,  a  US-CERT  advi¬ 
sory  last  week  warned  of  a 
critical  flaw  in  the  Internet’s 
core  Transmission  Control 
Protocol.  The  flaw  allows  re¬ 
mote  attackers  to  create  DoS 


developer  of  newspaper  pub¬ 
lishing  systems  in  Springville, 
Utah,  recommends  to  his  cus¬ 
tomers.  If  something  goes 
wrong  with  a  client’s  Linux 
system,  “I  don’t  even  have  a 
throat  to  choke,  except  my 
own,”  he  said. 

McNealy  acknowledged  the 
need  to  build  a  stronger  rela¬ 
tionship  with  his  channel  by 
avoiding  competition  between 
the  resellers  and  his  sales 
force  and  by  better  utilizing 
the  resellers’  industry  exper¬ 
tise  to  deliver  systems  that 
solve  users’  problems. 

Sun  was  once  “totally  prod¬ 
uct-focused,”  and  services 
were  “an  afterthought,”  said 
Larry  Baker,  senior  director  of 
Sun’s  global  partner  strategy. 

McNealy  also  addressed  the 


conditions  against  TCP  con¬ 
nections,  with  sustained  at¬ 
tacks  capable  of  disrupting 
portions  of  the  Internet,  the 
advisory  stated. 

The  flaw  was  disclosed  by 
the  U.K.’s  National  Infrastruc¬ 
ture  Security  Co-ordination 
Centre  and  involved  a  long- 
known  weakness  in  TCP  that 


Flaw  Fallout 


Cisco’s  vulnerabilities  in 
SNMP  message  processing 

■  Affect  I0S  Versions  12.0S, 

12.1E,  12.2, 12.2S,  12.3, 12.3B 
and  12.3T. _ 

■  Could  cause  affected  devices 
to  reboot  when  exploited.  Re¬ 
peated  attacks  could  cause 
DoS  conditions. 

■  Can  be  fixed  by  available 
patches  and  work-arounds. 

Vulnerabilities  in  TCP 


■  Affect  implementations  that 
comply  with  the  Internet  Engi¬ 
neering  Task  Force’s  specs. 

■  Could  allow  attackers  to 
create  DoS  conditions 
against  TCP  connections. 

■  Can  be  fixed  using  available 
vendor  patches. 


importance  of  dramatically  in¬ 
creasing  Sun’s  recurring  rev¬ 
enue,  which  now  accounts  for 
about  one-third  of  the  more 
than  $8  billion  in  revenue  Sun 
reported  for  the  first  nine 
months  of  its  fiscal  year.  And 
software  is  critical  to  that  ef¬ 
fort,  he  said. 

“We  are  not  selling  the  com¬ 
ponent,”  said  McNealy.  “What 
we  are  doing  is  providing  a 
Web  services  infrastructure.” 

Mardi  Norman,  president  of 
Dynamic  Systems  Inc.,  a  Los 
Angeles-based  reseller  of  Sun 
servers  to  the  public  sector,  is 
confident  that  McNealy  will 
win  the  battle.  “If  I  didn’t  have 
a  strong  belief  in  the  future  of 
Sun,”  she  said,  “I  would  have 
to  change  the  direction  of  my 
company.”  ©  46416 


allows  attackers  to  constantly 
reset  routers  by  guessing  a 
unique  32-bit  number  needed 
for  the  process. 

Particularly  vulnerable  to 
the  TCP  flaw  are  the  Internet’s 
vital  Border  Gateway  Protocol 
routers,  which  share  traffic- 
routing  information. 

The  flaw  is  serious  because 
it  affects  virtually  every  prod¬ 
uct  that  uses  TCP,  experts  said. 
But  exploiting  it  continues  to 
be  a  challenge,  said  Paul  Mock- 
apetris,  inventor  of  the  Inter¬ 
net’s  core  Domain  Name  Sys¬ 
tem  and  chairman  of  IP  address 
management  vendor  Nominum 
Inc.  in  Redwood  City,  Calif. 

“It’s  not  a  superbig  deal,  be¬ 
cause  you  pretty  much  have  to 
reveal  yourself”  when  launch¬ 
ing  such  an  attack,  he  said. 

Internet  Security  Systems 
Inc.  was  able  to  crash  a  router 
in  15  seconds  by  exploiting  the 
TCP  flaw,  said  Chris  Rouland, 
director  of  the  X-Force  securi¬ 
ty  team  at  Atlanta-based  ISS. 
But  even  that  is  very  long  in 
network  time.  “It’s  very  noisy 
and  very  easy  to  detect,”  he 
added.  ©  46415 

MOREIHSl 

Turn  to  page  46  for  Frank  Hayes' 
suggestion  for  addressing  the  TCP  flaw. 
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FRANK  HAYES  ■  FRANKLY  SPEAKING 


Money  Problem 

Another  week,  another  couple  of  security  holes  — 

and  this  time  they’re  not  from  Microsoft.  Instead  of  af¬ 
fecting  an  application  or  operating  system,  these  prob¬ 
lems  threaten  the  entire  Internet  (see  story,  page  1). 

The  easy  one  to  fix  is  in  Cisco  routers  and  switches; 
Cisco  has  a  patch  that  blocks  the  problem.  Good  thing,  too,  because 
that  one  poses  the  more  immediate  threat. 

The  other  vulnerability  is  with  the  Transmission  Control  Protocol 
—  the  TCP  in  TCP/IP.  TCP  is  used  everywhere  on  the  Internet.  And 
the  best  way  to  solve  that  problem  may  be  to  throw  money  at  it. 


Put  simply,  the  TCP  vulnerability  makes  it 
possible  for  an  attacker  to  shut  down  a  TCP 
session  after  guessing  a  random  number.  It 
could  be  used  to  shut  down  communication 
between  two  routers  on  an  Internet  backbone. 
That,  in  turn,  could  knock  out  whole  chunks  of 
the  Internet  until  the  routers  recover  and  re¬ 
build  their  routing  tables.  Enough  of  these  at¬ 
tacks  at  once  could  wreak  havoc. 

That’s  the  threat.  And  it’s  been  known  for 
nearly  20  years.  But  the  risk  seemed  minimal  — 
how  likely  was  it  that  an  attacker  could  success¬ 
fully  guess  a  random  number  between  zero  and 
4,294,967,295,  anyway? 

But  over  the  years,  researchers  discovered 
that  the  random  number  isn’t  all  that  random. 
And  that  many  routers  can  be  shut  down  with¬ 
out  guessing  the  exact  number  —  just  hitting 
around  the  right  number  will  do  it.  And  that 
faster  networks  let  an  attacker  make  more 
guesses:  If  attackers  use  hundreds  or  thousands 
of  zombie  PCs  for  the  attack,  the  guesses  can 
come  orders  of  magnitude  faster. 

Today,  that  number-guessing  attack  is  still  no 
simple  slam-dunk.  But  now  it’s  actually  con¬ 
ceivable.  And  it’s  getting  easier  every  day. 

And  the  fixes?  There  are  several 
—  with  names  like  IPsec,  RFC  1948 
and  RFC  2385  —  and  they’ve  been 
around  for  years  too.  Some  use  en¬ 
cryption.  Others  make  the  numbers 
harder  to  guess. 

But  they  all  require  trade-offs. 

With  some,  security  improves  but 
performance  suffers.  Or  reliability 
drops.  Or  reliability  can  be  restored, 
but  that  causes  a  performance  hit. 

Which  do  we  choose  —  security, 
reliability  or  performance? 

That’s  easy.  Anytime  you  can  con¬ 
vert  another  class  of  problem  into  a 


hardware  performance  problem,  you  can  solve 
it.  Other  kinds  of  problems  are  technical  —  and 
usually  hard  to  fix.  Performance  problems  just 
cost  money. 

Improving  hardware  performance  is  cheap. 
Thanks  to  Moore’s  Law,  it  gets  cheaper  every 
year.  And  it’s  one  of  the  few  things  in  IT  that 
can  be  reliably  priced.  So  you  can  figure  out 
exactly  what  the  cost  is  to  solve  a  performance 
problem  by  buying  faster  hardware. 

Will  you  pay  that  price?  Maybe  not.  But  it’s 
not  a  technical  issue.  Any  problem  you  can 
transform  into  a  hardware  problem  is  one  that 
can  be  solved  —  by  throwing  money  at  it. 

Back  to  the  TCP  flaw:  We  all  bemoan  security 
problems  on  the  Internet.  We  now  have  a  loom¬ 
ing  threat  in  the  form  of  this  number-guessing 
attack.  The  Internet  backbone  is  largely  at  risk 
because  the  routers  running  it  don’t  have  the 
computing  power  to  run  encryption-based  pro¬ 
tocols  like  IPsec,  which  could  block  not  only 
number-guessing  attacks  but  many  other 
threats  as  well. 

What  would  it  take  to  develop  a  more  effi¬ 
cient,  new  TCP  security  protocol  that  doesn’t 
cause  IPsec’s  performance  hit?  We  don’t  know. 

We  don’t  even  know  if  it’s  possible. 

But  what  would  it  take  to  roll  in 
faster  hardware  for  all  of  the  Inter¬ 
net’s  backbone  routers?  Just  money. 
Lots  of  money,  it’s  true,  and  we’d 
be  paying  the  tab  in  the  form  of 
higher  Internet  bills.  But  for  once, 
we  can  actually  calculate  the  price 
of  a  secure  Internet  infrastructure. 

Will  we  pay  that  price?  Maybe. 
But  if  we  won’t  throw  money  at 
this  problem,  we’ve  really  got  no 
one  else  to  blame  when  some 
number-guessing  attacker  finally 
brings  down  the  Internet.  ©  46384 


frank  hayes,  Computer- 
world's  senior  news  colum¬ 
nist,  has  covered  IT  for  more 
than  20  years.  Contact  him  at 

frank_hayes@computerworld.coni. 


Honesty  Is  the  Best  Policy 

It’s  the  1970s,  and  a  pilot  fish  writes  a  program  to  cal¬ 
culate  production  schedules  based  on  parameters 
from  this  operations  bigwig.  But  every  month,  fish  has 
to  run  the  program  several  times,  tweaking  the  para¬ 
meters  until  the  bigwig  gets  the  results  he  wants. 
Fish's  solution:  He  writes  another  program  that  takes 
the  numbers  desired  and  cranks  out  the  right  parame¬ 
ters  for  that  result:  he  figures  that  will  save  time  all 
around.  But  the  bigwig  nixes  that  plan.  His  reason: 


room  also  had 
a  video  game 
console  and 
some  other 
features.  One 
data  center.  “On  Black  j  of  the  little  boxes  in  the 
Monday,  colleagues  I’d  I  back  was  attached  via 
worked  with  for  years  j  a  1-foot  piece  of  Cat  5 
got  a  phone  call  and  j  cable.  Bingo!  Instant  ac- 
10  minutes  later  were  i  cess,  thanks  to  the ‘gen- 
shown  to  the  door,”  says  j  erous’  hotel  amenities.” 
a  pilot  fish  there.  But 

one  25-year  vet  survives  j  Another  Fine  MeSS 
when  the  boss  shows  his  \  Pilot  fish  figures  it’s  safe 
hit  list  to  an  IT  manager,  j  to  store  these  four 
“You  might  want  to  re-  \  pumpkins  under  the 
consider  this  one,”  man-  j  mainframe  room’s  raised 
ager  says.  “He's  the  j  floor  for  a  month  before 
chief  security  system  \  Halloween.  Come  late 
administrator.  If  you  fire  !  October,  he  retrieves 
him,  there  will  be  no  one  j  them,  but  only  three  are 
to  suspend  the  IDs  of  the  j  left;  the  fourth  is  a  reek- 
other  workers.”  j  ing  orange  puddle.  “To 

I  my  surprise,  one  of  my 
Playing  the  Game  j  operators  cheerfully 
After  paying  $10  a  day  j  said.  I’ll  dean  that  up.’  ” 
for  broadband  access  at  j  says  fish.  “His  previous 
this  hotel,  pilot  fish  dis-  1  job  was  at  McDonald’s, 
covers  there’s  no  cable  -  j  and  this  little  cow  pie 
it  costs  an  extra  $5  a  I  was  nothing  compared 
day.  “So  I  did  what  any  j  to  things  at  that  job.  He 
good  IT  person  would;  I  j  was  the  only  operator 
scrounged  around  for  j  in  our  shop  to  ever  get 
one,”  fish  says.  "I  no-  j  perfect  scores  on  his 
ticed  that  the  TV  in  the  :  midyear  evaluation.” 

4%  FIVE  YEARS.  Hard  to  believe  it’s  that  long  since 
Sharky  started  telling  your  true  tales  of  IT  life, 
huh?  Not  bad  for  an  U  lifer  with  a  little  water-cooler 
time  on  his  hands.  Sharky  wants  to  thank  all  his 
friends  who  made  it  possible:  Steve,  Frank,  Sami, 
Mitch,  Tom,  Brian  and  especially  all  you  heroic  pilot 
fish  who  will  remain  nameless  -  so  you  can  keep  your 
jobs.  Your  secrets  are  safe  with  me,  kids. 

Want  to  join  their  ranks  and  score  a  stylish  Shark 
shirt?  Then  come  on,  just  send  me  your  tale:  sharky® 
computerworid.com.  And  check  out  the  daily  feed, 
browse  the  Sharkives  and  sign  up  for  Shark  Tank 
home  delivery  at  computerworld.com/sharky. 


“It  just  wouldn’t  be  honest.” 
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Networks  that  Know 


See  us  at  NetWorld+Interop  2004 
Booth  #2029 


These  days,  no  network  is  free  of  threats.  That’s  why  you  have  to  assign  network  security  privileges  to  everyone. 
Employees,  customers,  and  partners.  You  need  to  set  an  acceptable  use  policy  that  dictates  what  each  of  them  can 
and  can’t  access.  Until  now,  you  had  to  do  this  manually. 

Not  anymore.  Now  you  can  do  what  Baylor  University  did.  Implement  an  Enterasys  Secure  Networks™  solution  with 
a  unique,  policy-based  system  that  empowers  the  network  to  allocate  resources  based  on  specific  users  and  their 
roles.  The  network  “sees”  who  the  user  is  and  assigns  privileges  accordingly.  This  improved  control  also  gives  you 
more  security.  r 

It’s  all  about  giving  you  a  smarter  way  to  network  with  central,  intuitive  management.  Find  out  more  by  visiting 
enterasys.com/seconds.  Or  ask  any  one  of  the  many  enterprise  customers  we’ve  worked  with  for  years. 
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